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U,& Department of Justice 



Justice Mairoaipimiriit [KSwikutm 


Washington,, DC. 20530 


MAY 2 0 20111 


Re: Freedom oflM&iiim0ibcii'McRB^qestsFlMo.23323^97 


I am responding rnn fltetoailff of the Justice MaomaBgefflnimttllSiwEam^ of Information 

Act (FOIA) request dated Apiill 11 ,20)111 , for copies of each News You C’aam (UkeimwJtattffr)piilrfiisfabdixnn 
DOJNet. Because I deem you to be a non-commercial impesitor, pan aixecmltitktltCottkiel'itnrBtl DCKppgges 
of documents and dike tfn t atttwoHmuRS of search time at no charge. 28 C.F.R. § 16.11(d). 


I am enclosing, at M)<a<Mtrt 0 )\,mu , id 11 tteWnuCCuann Use newslettostffliHtiltew£llBmnpulhl$febddainn 
DOJNet, a total of2ffi documents.. We are withholding ptontliitojrss of four newsletters— those from 
September 2010, August 2®Q(fi, Jlannary 201 ft). aantl April201O— under FOIA Exemplikm - wttitrih 

protects disdtomiiKe of law enforcement technkpiesssandipitoiauilirees. 5 U.S.C. § 552(b)ff/7)((IE)). 

If you are dissatMned wiiih any ault ion.aanajgpeal 1 rnaayHsernaaktq^niurauant(to 28 C.F.R. § 16.9 by writing to 
the Director. Office «stilliMnmidtioraMd’JftjtojcyyiSiSDFpipantmitn t of Justice, 1425 New York Avenue, 
Suite 11050, Washington, D..C. 2®S33MMRl,witHini6fi0di^sffoimtllihQddtte ofttiiks letter. Both the letter 
and the envelope dtaffiuM itedlfiailvyimafkati "Freedom otfl lfutidkmmatm i A&cAfvpxpdal.” In the event you are 
dissatisfied wiMin tfhemxulhs of any such appeal, judicial lewnow wiiM ttlcmrdfta-rH^iavdlliMxlaulltibaldiHtiiatt 
where the requester neaadksctnli^caipininipdlpilaffie of business, or in ttHnr (L’ihttadSttatesIDistracCCmiTrfdbr 
the District of Columbia. 


Sincerely, 



Barbara Bush 
Acting General Ceumnssdl 


Enclosure 












Security ^MaiCTBEBsrips 


Your GoldenTTiidke.t... to Getting Scam meld! 

Beware of emaife that promote investing in gjadhtt— scammers are exploiting tte rtetnft 
increase in golcfev^ilrae (a prevaiterttiTiraffiattxpfD^l.Ftewrttooimi^nasaitooPtinMtotoarBhd 

otter economic issues tares- 

caused some investors to 
tiimm to gold as a safer iimtat- 
mentt. As a resulltt, security 
organiizatidJTSS have notiastti 
an influx of hoax ffltafe that 
request users' persotel in- 
foimnHtbixnn. In on®auiciti scam, 
tte emaillfe subject line 
reads, "lisGMril Your Ticket T© 

A Golden Future!?'' and a 
"FREE investor kit" is offerrad to users wto providte tteirr contact# infanmaition. 

"Certaitm pfficsuraStifeffisaBjeuseddnin tte image for this spam aratimpraggnirniohJdbJiigig3<Stamin 
Beck. A GooggtessBtrth iraattafc an intoiesttrhgpBg^atadMtdSISlienBS&feck pranrattrigg gold) in¬ 
vestments. It seems that tte spamrmiar died snores nffimmolfi in orcfar to know aboutt tte 
association tefrteqDparp^gBtgTtiithspapBoaRnpaiSBi'giiM'af'Haltnett, wwws 5 fnaataec.com)).. 

ContmiSmting sources: wmmMet-seiamtyarr^;mviws^ymmMtec.amcn; www.nytimwsacom 


User AwarenessTips 


ThumlhHtfimQtffRibby... ThumibUMive Safety 101 

tenovabfeafevcesssufflth as thuumtb dritesPteB known as USB sticks) pose a unique attel- 
lenge to Federal IT Security.. White ttfn^y are conveniemtt, ptsrt&fcWeaaiddggeeit for storing; 
files, they are also easy to lose, andl an®affesnusadd to spread ittelvasee. 

The US-CEJtnrfComputerffirreeggeoy^RISepposisffSaianrjn) 
recommmdds tte folltiywing measure to preterit 
thwmtto drive data:: 



•Do not plots am unkimmwn USB drikxos into your com- 
' B "' puter- If you ffihrodaa USB driw®,ggwes it to tte appro¬ 
priate arttobdtidffis (a locatita&ssamiityf pt®ra®TBti,el, 
your organizations IT depanttarotit, etc.). Do not plug 
it into your compiaieritowtawihlna otnMBntsiontentrytalrdetftjfyitbeiowner. 
•Tartffiaatterrtagge of security features- Use passwords artororexisfpitiDrooyOjUJur USBdriw® 
to protedtyyrwoddtoaatechatekffiusere tlhialt you hwcottte infermsJibon backed ofloirn case 
yourdtme is lost. 

•tteepfpa'Bsnnaifeaddiiliaiseiess USBdriuess separate-- Do not use personal USB dritas arm 
CompujtessQSWBddbjDyqtouKgagaBaaJrpandritodo not plug USB dritesc®rrttijiiimgg:op[nj!ratete 
infottnteiOon Into your persotel computer. 

ComtriSmting sources: www.uiMB3rttfgov;inmriis:aBetmwv 


Aboiutt tlte JSOC News tetter 


The (Justice Security Op®isatooBsClaaTtrter 
(JS©C) News You Can Use Newsletter 
strltes to protfemtt reaafeEsgajpmsStltTt&er- 
net cybertlt*®atetsb|?ykteeppgig ttern up- 
todteto on tte latest ssEtuitjty issues, 
vulliiwtoMifeis;s,aaOd computer userttjps. 
The tHn-esats we addir^afftatyyaidalfyiy- 
- alt wontk, at teneeaaddvvridalhilyveijery- 
wteiffiitn between-aadd we pnoewtee tte 
infewrraten you need to kncwnc.im toms 
yew sam omtersttadd. If ttere is a spe¬ 
cific tfflfjDec you wouiltd like to see dis¬ 
cussed in a futuree newsletter, please 
emaiil us at doimaitta^sldpiiiffinv. 


Cyber Awraeeness Tip 


"(Dims software is insttolteld on your 
horns comp liter, you do not haw to 
worry aboutt it anymore’.’" 

• Vendtoss may release updated ver¬ 
sions of softtvaee to address protto- 
lems or fiixMiuJtreeabbiitliiases. You should 
installl tte updates (on your home 
computet) as soon as possible;; some 
sofftwaee even offess tte option to 
obtfeamuppldass autimsiitiaHyy. 

Source: US-Centt 


VPR Aleirttes 
SecuritW/AiiTODees 


Worlk franm Homs 

Wortkrreg fnsun horns wten possible, as 
welll as utillHirtg an Afteraflti/@e WraiHs 
Schedule (AWS) signifiiEarirttyyreeltiQees tte 
enet^ysarcdttrrree spentt comimuJiiigg.Vtddeo 
and pitoreecoofdierajiw^gjndnd otter wmlfe- 
fltow*/ tates, make tttiss am easy, effective? 
altsirraJitsiee to tnaodttoaalal comimutiiiigg. 
Source: www.green-imibmiteticTtMn 


**This document is intended far Department of Justice iintenail use only and is not to be distributed outside the Department . ** 

Quest'mnsire^addiuggkhis newiletter or requeatsffxrqjpemrmisionotoerlediitnibutbcBiiduld be directeodito: JSOC, 2O2-35T7t02j66 
















News You Cam ISOase 


March 2011 


Security Awareness Ti 


Mamraaition Security 10L: Avoid Passwudd Reuse 

In a recemtt study by the Security/ Group) at the Unrtoesity of Camtardgge Computer 
Laborattoyy, a comparison was condliatfeeld on tw® weibstbss whoa® passwrardri iitWdrtmation had 
been stsstten. The wetoatfess had oventt^ppigg custanrosss (based am fflmalilasidclja$s^$)grahd of 
_ the custametss wh® were regiisteedd at botHr sites, 

76 pensemtt used tte same passwrardd on botth 
accnurtfcs 

Uttlrangg the saunrne-arr even veity simtar-- 
pass*KBdis on mulWiptte sites means thatt, if one 
accoiumtt is compranniBeeld, thejy all are. 
Unfarttmatefyly, due to this common), insesuree 
prsfltoee, "If a malliiaixusslfHBHeeirsisabtele to get his 
or her handsanricB uiatebsgBssswcdd credfeTtiatts for 
one domain), said hacker has a good starting 
pointt for freptegg out the useffe password for 
other sited" (Sanmiirp, infoworMcom). 

This issue is parltiaud^ali^y relevanrtt to Departmtertt of Justibse wstessfctBeaasee, if an indwdUiafel 
uses the same passwrdd at DOJ and non-warW<r-etall^3fed sites, they are not only jestpactilzirigg 
theiirr perasntel accounrtfes, but also putting the Departtneoitlfe's netawsrtk at rtstk. At the very 
least, users shoiuitd comnritt to never reuse theiir worife-feditedd passwords for any of theiir 
perscmdl accounrtbs. 

CootontadbVmag Sources:' 'infoworld.com 


Warmimg: Attsetkaes May Atterrppt to Compmsmisse Remote Access Tokens 

A security/ bneadtn at a vendor recanttyy caused 
weaknessesrin RSA SecuriDD tokens commsniyy used in 
remette access to Departmmtit systems. As a resdtt, 
attaattess may attemnptt to obtam userd' PIWl smites to 
access Departmrwrlt systems using RSA SecuriDD 
tofcsrss. 

By rerrearriimgg alert for attenrnptfes to reset or obtern RSA SecuriDD total) PIN codes, users cam 
assist in keeping Deparfrrrtertt infdrmaiibon secure. 



Visit Our Webs/t 


The JustiiteSHfltey>0^petedrasi£e®tBter 
(JSOC) News Yaw Cart Use 
Newsltettfeer sttriueKtdo fpcdtetteestefers 
against Iiriteirtet cyber thirds by 
keeping them up-todajeeamttte IdtE^t 
securi%/ issues, vulnetdJililSiBes, and 
computer user ttpss. The thraetbs we 
address affect yam dail^y-- at wortk, att 
home,, and virttteiyy everymtlwee in 
between-aadd we provisfte the 
infenmaiironn you need to know,, In 
terms you can understand! If then® Ss 
a specific topic: yraui wedd likes tdo see 
discussed in a futures newsletter, 
please email! Jennifer Jones at 




Cyber Awareness Tip 


Reassures to be parti ouifsalryly 
careffxll wtan opening emaill 
attitetineertris: 

• Emaiil is easily circuiJtaeld 
Foraffl-critiigg emaill is so simfldte 
that vitiutess can quickly infest 
many madlrirress. 

• Emaill programs tiry to addnsstesdll 
usensS' needs - Alnmo&t any type of 
fiite can toe afitaitteld to an email 
mesBHge, gp atteitess hawe more 
fresttom witHn the typass of vmatess 
th^y can send. 

• Emaill programs offer many "wshf- 
firtBnUjy" fealturees - Some emaill 
programs ha*® the option to 
autansateafljiy downtibadd emaill 
atJaiHimwaitos, whibih immediiatety 
expmmss your computer to any 
viinuifflss witttim the atttattimetits. 

Source: MS-C«rt 


News HfghlgtfiSs 


VPR Aleirtfes 


Green Tip of tlhe Month 


Waste Less Paper 

Whenever appraprraatie, re-usse one¬ 
sided doojnritertSs fromm a scrap paper 
bin inn the same area aes your printer 
or copferr. 

Source: iWmtinmmorg 


**This doctonmrttls intended: for Deporfl/nunlot Justice internal] use only and is natto be distribuiltatioutside the DefftarttnesitiL* ** 

Questions regarding this newsteffitero/r requests for permission to redistribute should be directed to: JSOC 202-3fK7S(JZ66 































News ybuiG&ait/Us 


February 2011 

201H DOJ Cvbere«cmflty Conferartce 


’Tl^WE^gigg a CollabsrcAitisre Defetnsffii" 

The thihoU anrastl DOJ Cybeti^iuitity ConfaiameewaashbtelcFglatDianyiry 8-®,, witttn the them® 
"lUetfeagimgj a CollatarEative DefamsE"" This yeaiffe confeneanase exaimirradd the Chaffin® 
thifsait pletiir® artti the new dywaTrtoss and challltoi^ssiriin defeirotiiiigg DOJ netwarhfes. It also 
errtptfitMzafl the need to work togetHra-r to strwircjjbleen the Departtrrosrt'fe's netorarHss arvdl 
appllittattonssecaurity postures, white empanvfflhmgg its missifam. 

Thank yoo to all attsrrottess-- parSiaiiltoyy volumfeBfss-- who helped to mate this year’s 
confen®nsffi a success.. Please rermeitmtoffir to fill out your attertitee surx^y so that your 
feedtek cam helfp dteqqre next yeaife program. To reqiuisstt a specific ta^bo: baae uHMMeddirjnaa 
futuine confen®TOBe,[pitasee email Jennifer Jones at ieromfenQpeg&gtctefeejogov ^ 


Security Awaraarcsss Tip 


Visit Our Website 


Aboiutt ttfrxe JS< 0 (C Newsletter 


The Justice S®suuirtyyO$[®eatbDsiCgBtetier 
(JSOC) News Yuan Can Use 
Newstettter stria® tto prateettreasdess 
against tnteimtot cyber threats by 
keeping thorn up-taKfette on the latest 
security issues, vulnefetillttees, and 
computer user tips.. The threats we 
address affect paw daiilljy— at work, at 
home, and virttfeljy everpuHtaiffi In 
between-aadd we provinite the 
infomnreatinm youii need to know, in 
ternas you can understand. If their® is 
a specific topiiK youi wouiittl likes to see 
discussed in a futures newsletter, 
please emaiil Jennifer Jones at 









































Camflfloe 


User Awarearesss Tip 


Cyber Security/ Resoltatfanss for 201H 



Cyber security/ gxpenfes predbat a rise in economicc and pfo marteft- 
relsted scams in 2011 ;; resdUee to be extra vigiHsrntt in proterrtjmgg 
youit^ff from cyber criimira thiis yeanl! 

Lottery ami Sweepst^ess Scams 

Accercdiitgg to the FBI's Internet Criimra CompHahrtt Center (t(E 3 )), 
conswrresss have repcntted a recent sweeptet&tees scam that senate emailte 
and letters with fratusttilteriit checks bear/mg the log®® of fiimaroiail serwiosss comfprariess. Expert 
to see vaniatoiBs of tltosse schema in the comibirg year, usirm® text messajpss and phomse 
cafe. 

Employmnartt Schemes 

Both "get rich quick 1 " and "work from home 1 " schemras have becomite 
inonstemj^y commrami, expihsttihgg these; fadrreg diffiinjdtt finteroiaiil 
ciroumatoinees. “Cdmmasnri wamtirreg flags in postmgs for possiidte scanrns 
Inctatte: Irrnflffeabetl wage®, vagwe woiratth® or gemenra: pto opemintgs, free 
traiiilHtg, guararrttadd placenrreeflt, no spsaidl skillfes or expenreroee rerpifedd, 

P.O. Box or out-effsSfetee address, and jj<ntt» listings for governm-rteTtt, civiil 
seracse and ovatssas positdmS.". 

Social I NetwKsnMimg Dangers 

Sociall netswtekmgg sit^s are consiisfeSTtltyy risk®, and thnesdte are predolbdd to inorsasse in 2011 . 
They "prawittee an avenue of easy atfek to users who are wiling to cl«tk on every/ link tthi^y 
receive''.'. Be sure to contact# frieidte before clicking link®, vikdteas, etc, to ensures they/ are 
legitfinalie. 

Sources; ttoW</ft65Hdn^;N^tSB2urrty; PC Tool's 

Security/ Awswwrtass Tips 


fiTffrrrrraatoan Security/ during) Drtterraaitoaabl T rawed I 

All fedetel erngiljy^ees emtotkriigg on intemtetanabl travel-whrfetttfeer woirtk-retidddd or rwtt- 
shouiiid keep the follhavimgg tips in mind:: 

Assume You'nee a Target, Because You Probatity Are 

Tiraxaslers need to know that in light of currairtt worlbH/vitee pdittaail and economic inslWtilliiyy, 
the fact that they are Ametoaam citEeeras and,, in partcutor, U.S.. goveirmrentt emglhypees or 
contract toss, makass them a target for explteatfeataxtnri.". 

Avoid! ProcesBrrgg and Tramamitttnigg SensWuee P ri fcan wfl town 

Traxtetess shoiultt) assumr® that theiir trarsnisssjOBS are being interapteeld and reatti anywheres 
netwartte are contnWteld by a foreign goventimsertt. “Foreign netwmifk prowldferss can disaiWte 
mottalte deviate encryffttamn and them tuimn it back on after informtetoon is interaaglfeEH". 

Power Dowim When PossHdte 

Trawtetess shouiltti tuirnn theiir moWte dewiraes off when not in use ini order to 
linrriit the poterttabl for compnarrrisee. It is best to also remranxae the battaiyy and 
SIIMI card, and store them separate^ from the devibte. 

Steer Clear of Cafes 

Imtemrtet cafes are NOT a safe altenrredfcree to utiildigg your own electarmcc 
dewcass. The compiuttess at many such estaHdldtmeetSts have rnailcribjuss 
softasree that can captures passwords?, bank accoiumtt or credit card 
infdimrrtetiMjip, and the like. Never use cafe for offfiiritel buffliresss. 

Be Responduee 

In the case of a security/ incident, know the proper metHrartf to report tanmp®Trrgg, 
unaulttoEedd use,, loss or theft of IT media to your Component's IT Security Staff. 

ContMtouftVtigjSources; /WasHfee; GCN 


Visit Ourr Website 


Newstettber 


The Jiui^cieSeiwtty^Opgartfftiraneesteter 
(JSOC) News You Can Use 
Newsleftter striwees to protasdt it®atfess 
agalnstt Intentet cyber thraastss by 
keeping; them up-l®cttefee on the latest 
securittyy issues, vulhrerddilitibes, and 
compuitter user ttpss. The thiregfes we 
address affffertt ycou daily— at work, at 
home, and virttidtyy everywlteee in 
between-aadd we providte the 
inforrmatoan you need to know,, in 
terms you can understand. If then® is 
a specific tgpiE 5S®*J would Kite to see 
discussed in a futures newsletter, 
please ermaill Jennifer Jones at 


Awanantsss' 


Cyber Security MyUh: Attandfess 
only taigrtpeiwdewjth money. 

Tnuittti: Anyone cam beam™® a victim of 
identtttyy theft. AttacHtess look for the 
biggesttrearaald for the least amoumtt of 
effiontt, so they tydb^ 1 ^ tanrt^tet 
datdtasBEE that stamas inforrntetoon 
about many peoplte. If your 
infcnmteidiQn happens to be in the 
datattaBBE, it could be collected and 
used for malliacaiis purpsses. It is 
importtortt to pay atteritton to your 
credit infdrmteitjan in order to miiimfrrizBe 
any potemttdilddaragge. 

Source; wwMj.us-cert.gmec/ 


EnviranmenHially Consdous Travail 

When feasHdte, make it a habit to take 
the traiiTi, bus, or subway during; 
business torawaij, instead of a rentall car. 
If you must rent a car, opt for hytarttte 
and other high-militeggevebtolelfi,s, which 
some rtertah6gge®ieies(jwi®ffe(ifer. 

Better yet, utillEssvsbldeooofdesTericgigraQhd 
other techimdlHBifel solutams that can 
rediiime the amoujiitt of empltay®® trartel 
when possible.. 

Source; Sierra Club 


**TMsdoawm£ntfs InianlteforDgutlMenWJttsliiieinlBrnitiseonlyairilis not to be disfaiButtetbulatetteDa paMim i i i t t** 

Questions regarding this newestetteror requests for permission to redistribute should be directed to; 

JSOC 202-3BS70ZB66 




















Free Apmlie IPad! See Details 

http://DbB.aVy/ 

#UKnowUBroke #nnvrm #elhite PS3 


Tii$ Ses®sm... to Get Scaimrextl! _ 

The husfflte and busflte of the holictfe^ss-- witftn shotjupsEs 
lodkirng for great dead im a hurir^- prarciitess an excellisrtt 
opportunity for cyber criimrirra&s to strikes. Don't befandtett by 
the comnwton scam® below: 

Free iPaoii Offenss 

WitHn Appte prodtiuflBs being iin high) demsmti this season^ lots 
of phony offers for free iPads and other metitritardibee are 
cinsudfeatrtgg omU'rree. Some usetis receives spairnn email 

messsgps that offer a free iPad wrtHn an onlines purottesE. Those who attongtt to man® a credit 
card! purstteee receive neither the produuflt they suppesHflyy paid for,, nor the free iPad they 
| were pnomroseld, and theiir account inftnrrrrediban 

' ' s in be harnte of cyber crirniindds. Othees 

have enccuntferedd quiizaas on Facebmatk and 
Twitter that promise a free iPad in exchanges 
for answKBfttrgg a few queritomss. To receiree 
theiir fiim^l rewrite, indiwcUiatels must enter theirr 
Freft AP{(D(te IPad! See Details celll phone nuirmtaT, whitrih autarrradkiafiyiy 

http://DbB.aVv/ subssnrlctees them to a celll phrare scam that 

#lfKn<mtlBroke #tltm #Cllliifee PS3 changes theiir accoumtt $1® a wedfe Malimnims 

| i pr-rates a#*; *i*vl*!l lintecanald other counterf&iit offers for iPads are 

11 ■ ■ also comirnram on smote I nebmrsrWoiigg sites 

rw Been Robbed)" Scamn 

This scam appeals in the foirtm of phonyy distresss messages fironnn somwures y«u kn«»(, clainriingg 
they are out of tawm and in need of money immedEdfetyy. Do not falll prey to the 
sense of ungjenyy— first, calll or email the suppasteiyy shrancfctefcl friend in order to veriffy theiir 
clai'ims. OreBroeesatoe, theyfee fine and you/W e encounrteedd a scam 

Fake Gift Carote 

Cyber crinrrirteis use phiidtifrgg scarnrs witHn offenss of free 
gift cards to steall useird' persnntel infonmaation and 
mmmt^y. The offenss can appear as pop-upss, emailBs, 
baraieBS on wed pfflgpss, and moire. "The ruse may say 
somettiiiigg like 'The first 20(1!) peeptte to ’ILiiHfe' [imsentt 
wellH4ki®B*«n retaiteif] on Faceboolk willl receives a $50® gift 
card)' Them, to dawn the pride, yorur have to enter 
peirsairaJI inldnrrraaibon or take a bumdh of online quie^sss. 

The perssrrndl infoimrteiaan is used for iderrtityy theft 
punpnsfflss, and the quiiz resiuitfes are sold to mairttetos, 
netting the cradte everm moire money". 

Charity Scams 

With inoresEfflEd grvihnDg, comas inorasBsdd swirnutlilrfigg . Whem snrrasideiirng domattrirgg to a charityy 
onlltre, remenrrtter to:: 

• Caretiiltyy chedk the name of any charity/: Charity/ scams use nam®s similfcBT to the oriigjrtel 
charityy in order to cause confluttoim and obtern your donattamss, i.e„ Natfetel Cancer 
Society (scanm)) instead of Ametcamn Cancer Society (legittmaatf). 

• Check the email address of any message frarmn a chairityy. Charittssss 
sending) out emailte should) haw tap> level domains like .org, .conn, or 
.net and the email shouiJtd come franm this doimarq, not a free promoter 
like hotrrraalil or gmail. Howewer, as a general rulte reputable charities 
oto/rnTt spam and you vusm% receive an email from them direct/iff wltAmutt 
yemr prior inquiry. 

Contributim bj Sources: ftc.gov; newsroom. mcMefR/njorry, eidergad^ett.crrswi 


**Thfe docnmtffrttis intentetfor Der pa f lro etitrfjtestfce intanmdluse only and fs nottto be 
disrbnauttefcbutstAethie De gw i I r tiaHut ;** 

Question# regarding this newstetteror requests for permission to redislmtarte shou/d be directed to: 

D5BHE 202-3976QB6 6 


The Justtiie^3turtitVOpq<attdiit$ilg0Ei4erter 
(JSOC) News You Can Use 
NeswftlAtter strides to prattett naaaltess 
against Interreit cyber thiresSSs by 
keepiin® therm up-todidtoon the latest 
securiityi issues, vulBieiteilitibes, and 
computer user ttpss. The thnffitte we 
address affestt yaiu dtBiyy-- at wortk, att 
home, and viirttiadltjlv everywitece in 
between-and we piwidlte the 
infwrrmAiaon you need to know,, in 
ternrteypwjoaTi iurrate6ififfldd.If then® is a 
specific topid you would like to see 
discussed in a futures newsletter, 
please email Jennifer Jones at 


Cyber Awsmeareess Tip 


Power Surge Proteattnmn 

BrdlsiteTtt winter weather is headed 
our way- keep your Itrunee PC safe 
fnatmitesvteiSBtg^arahabttiita^gelsyby: 

• tirmasStiiigg in a power strip) that 
preterite agaiiirrstt power surges;; 
many/ stripteaaftedirSseaiinpqiiBiatiotion 
if they do not effectiitejy preterit 
your computer. 

• Duriim® a ligMnirrgg stoimm or 


odds of power surges, consider 
shutting your computer down and 
unplugging it from all power 
sources. 

Source: US_CERT.gov 


VPR Alerts 


Green Tip of the Monttti 


Green Holkdayy Decottattegg 

When deckiirr® your halite this season, 
keepflteffleffleeertipips in miiird: 

• Reuse ateiOTatiiMTiffiffaiirnyesB'r to year 
to save mon^y and preventt 
u nneuffissansywaate e. 

• Buy energjyeiftiiaBhtliglgbtssusilnch as 
LEDs, and put therrm on a tmrsrr so 
they aree'tt glowinrgj hours longer 


Source: eaarfbMlfoarom 
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Visit Our Websit 


Security Awanoxroess Tips 


, Thanltegjivigg Thrreattes 

White plamirirngg parte®, prmtthgg out invitaiboas and 
I fiimdmg new reciijs^, many peqpte forgte to be 
I parti t&iltetyy carsftitl bnotorrgg the Intenntet arountij the 
holid^6S. Be awair® that cybeiarhimrriabls are utillraiigg 
1 seanpfn reauitts for connrrram holSuttQy terms to attaitk 
unsuspeattwig users. Intenrreat searettras 






IteittatooBS'' and "Print tobde 


often vielhd malltrimtss seaimth resiuite that 
redireestt users to fate antiwiirnss sites. 

Once dowmlibaatdPd, the software willl do 
“a number of annoyngg thing®, sudtn a® 
hijjadkrrcgg weto brotorngg sessimiE, repeSteifyy playing) 
compuitter is infested)',), and genenEdbiigg popwflffiS''.'. 


What is Fate An£ivrins3? 

A fake antra hu® is a warning) 
message that pops up from a Web 
site and cUaimes the user’s computer 
is curremttyy contamrirralteld or not 
rurtnitigj proppelisly.AiSoocalildd "rape 
antwrusS" and "scaremancB;" fate 
antwiinss is a dishomastt attemptt to 
cause a user tto purchase anrttviriitBs, 
registry cleaner or some other 
software; that repairs protMterres or 
enhances fltoffomaaoee. 

Source: flacns^grcom 


messages over the speattess (E.g. ’Your 


I Leant now easy n u to make wfcay ffitfmtgj tv Thankeatvtno tamer..,,. Tn 
Stuffing R wt ft i m , My SreauGranbrnotne^s Stufflni - Ctwatnut Spiffing ... 

outyctoote atwadt oaititQtilttKS^teora^fr ^fflno ttPlhnim- < Qacfteo - SirinlM 


•tutting rtxiip* made With French trbtad cubes 
ta fantastic dimension to Dus fairiy treomonat uttitnng ... 

e eomi(WB*|ite^arctev»siOeOlE)^^ • CflEtregl 



It is impcrtteitt to examinee any link 
befaree clickfrgg it to mate sure the URL iis 
related to the seardtn youu comdunl&dd. 
White titrate does not guarantee the site is 
safe, it is a good prewarttetwe meaairee 
that can hel)p you steer clear of malltridiiiss 
linlte. The best solution;, hovwexeer, is to 
twse the soedffibc URL of your inteutedd 


desShaiibon in the addesss bar rather 


manuteljy tygarreg the URL in the addrasss 
bar,, you can verify the infanrrriaibon thatt 
[yoiuir weto brow®!}] uses to access the 
destirralition Weto site. Tod do so, tyflto the 
URL in the Addheess bar,, and then pre® 
ENTER". 


destirralition Weto site. Tod do so, tyffffi th 
URL in the Address bar,, and then presr 
Seaichesnrttojedkfl:hauriteasiaklltMtrr^jr«ngB sMWmfl recipe ENTER. 

If you encounter an arnti virus popupp, 
immrBdfatteiy close your browser to avoid uniintterlfejoaBijHy downiiaatihgg the maltose, and 
confcaitt your Compoiitertt's IT security staff immadidto^iy. 

Comtoibutirrr® Source: pandaseniOTily.ooTOr micros©®, com 

Fake USAA Phisttrimg E-mailfes _ 

A recent phisltrifrag scairan has used the name of the ft 

United States AutomnMbde Assototoan (USAft)) to lJSA *' 

lure victims into hamdh® over theiir crediit card cABmouiHm rcm™ 

infamnsSioon. Recipients of the email are asked to 

click a link to filll out a "new version of USAA <t 

Confiimrrtoibon Form.."" Once thc^y click the link, they .—....... 

are redirected to a phiisHringg page witdn a fate fomrr 

(see image at right)) requuesltmgg theiir onlihne ID, __ 

passvwrtd, name, e-imraij, USAA card numttei;, _____ 

exprirretibixnn date, security code and PIN. 

There are sevetel warning) signs indiisattirgg this is . 

a scam, howwmr: a smalll misttsdte in the wordrrgg »*■—«——■ — - - - 

of the message, the use of shorttetted links (to — 

hide the actutel destrreatoon URL), as welll as a 

browser waimirrgg that there; might be a protoitem 

witttn the deslfirralidon URL. 

Contmitaiittriigj Source: net-seoiOTilyffln® 

* * This doeiMfmrtti's in tended for Deffantmentiaf Justice rnterrrail use only and is not to be 
distriinutertloutside the Deflrarrftmrartt* ** 

Quesfi&fts regarding this newstettteror requests for permission to redistribute should be directed to; 

JSCXC 202-3570Q266 


What is tttne JSCXC 
Newsltetfee?? 


Abowtt tth® JSOtC Newsltetter: 

The JusficEB Security Opetetomss 
Center (JSOC)) News Yaw/ Can Use 
Newsletter stiriuess to protBsalt 
readtees agaiintet Imtteirrtet cyber 
thirajats by keepi 1 ® them up-ttodiitoe 
on the latestt security issue®, 
vmihteatobffliltes, and compuitter user 
tiflas. The thitofes we addrass aflfadt 
you daiSljy— at work;, at honr^, and 
vlirttxtaiijfy eveirywiteeee in between— 
and we pro«idte the inftairrralition you 
need to kmmwt, in teimunK you can 
undettebawldlflf theice is a spedffe 
tofpitj: you woiuild like to see 
disnustefcl in a futuiree newsletter, 
pleas® email Jenniffer Jones at 


Cyber Awataraess Tip 


Sate Onlirree Shopfpiftgg 

• Use antii-wines sofliw/ace, a 
fihaa/veHII, and antitoyyvaaare 
soffwace. These are your frirstt 
defense stohstt viitu®sss, etc. 

• Do bus mess wrttti repuittetde 
veimtoes. Verify that the vertdair is 
reptuitetbfc and estabtisteh before 
praroidUrr^B any personall or fiinamiieril 
informal toon. 

• Be wary of emailks reapasttriigg 
inffmrnalitiDn. Legitirmflee bmsiraesess 
wilil not solidilt account or personall 
infbnmsaitjon thrau^h emaiil. 

Source: US CERT 



Green Tip of the Month 


Smarter Recydihgg Dos and Don'lts 

• ffeMlt tcmiaih cam®. This is no longer 
necessary ftorppaioessisig.g. 

• JSBsMtt ttotKEUtgitify clean every 
empty jjait. Machinery at the 
recydfrr®0BHli4eBviiiitllffi4een jjans. 

• QlQ sort raoyjttototees. Some 
recyudlrrsg cento® thntww out 
ret^dtedte that arermattssatedd. 

• QP reryrite gltoasy paper. Most 
cento® rnmwaacepbtnai^araeses. 

Source; bestgreemfaEnmteflKcom 






































’'IM S" Affiants Iintternat Expkcnaar, Chrmree, ancdl Fireftox 

A new fate anti-v/miBs scam inn the form of a browrasr waimrirrag page has been spotted by th© 
Micrsg 0 }ft]\Matoi^^Rjieteicilrion Center. The rogues, dotofedd' "MlSIUZSaran?"," has been spotted on 
varltsuss compreOTiaedd weteitfees, and is ablte to detedt whettter Imtorrait Expksnwr, GEttifemee, or 
Rrefdx is being used, them genendbe a 
malwsnse warning) page very sirmfer to 

ttwss: display fey tte respsSwee 

brcweBaa'Bs (See phoney Iirfemait 

Exploiter page below)). 

It is importamtt to note that all "the 
’wpotetes" point to a copy of 

MISIL//a®ean that pr«wirii®3s to prowittte 
'a new appnoraot+i to windtowffi 

detected',' but Irnittsmat Explanger, 

RrefioXr and Chromes do not offer 
sudtn a solution wfoenn a weibaitbe is 
blodteed" (Minrassiift Malwwes 
Pirotedfan Centei))- Addittoratjiy, 
many of the pages have obvitouss 
grammsBT and spelllhrag misfedtes, such 
as “Get me our of here"' (irndteati of 
"ouf)) in the Rretox wamrir® page, 
and "PntDAern antivirus protefltonn ffim otree click" (raJHiter than “iimf')). If youi encounter such a 
wanrrirag page, hit Alt-fFtt am your keytasacd, whitoHn willll immHtJiatelly kill the brorossT (Seltett 
"Camcdf" if a dial to® box appears)), to avoid uninterliboaayiy downrltaiditigg the malW®ec, and 
content your CornpnriBrTt'fe's IT security/ staff right away. 

If a user clicks the "Update Now"' or "lUlpgradd” box on the page,, theitr computer will be 
infected and the phoney "Wiin7 AV”' produudt will ttae insfelted.. It state by comdunabiigg a fate 
scan, inditoattrigg that it has fouinrati maliintniss filter, infcdtoms, and the like. White the scan 

appeals legiHimtete (see image at 
left)), it does not actudlty inspedt 
the user's computer, and the 
reportt it generates is cormptetefyy 
fallse;; "the feattuees don'tt woitk; 
everjjtttimgg is then® just to look 
nice,, not to offer any kind of 
protejttwnn (jiustt like in alii other 
rogues antiwross progara))” 
(Mknraadft Malwares Protedtamn 
Centen))- After the iniiltel scan,, the 
user is inftnrrifflEld that the program 
has deteittetl vairiintss prototenss, but 
canmmtt eradiate therm untes they 
upgiraotte to the fulll veteran of the 
program (i..e. pay mone^). Even if 
the user chooses not to purtoteBBS 
the produett, the MSIIL/,ZSsr@en 
matasaree is already/ on their PC and 
willll display rermrnctoess and warming) messagpss stating) that the computer is infested. If the 
user does pwrattssse the produett, th^y willl be paying for an inefftotoee scammer, and their 
creditt card infoimfetoan willl beirn the hands of cyber crihnihtebs. 

Contributing Snumermmw. blogs, tsdbnet. comflty/rimpiDf:/ 

* document is intent eld for Department of Justice internal use only and is not to be 

disitrilbutdd outside the Department. ** 

Questions regarding this nemsf&ixmroir requests for permission to redistribute shouid be directed to: 

JSQCC 202-3B75S322 
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About ttbre JSO(C Newsletter: 

The Justijes Secuirityy Opeifetones 
Center (JSOC)) News Ymm Can Use 
Newsletter sttriuees to protest 
reate6s agai'nreat Intertet cytar 
thrifts by keeping) therm up-to-etotde 
on the lateatt security issues, 
viufhtedtlOitit'ds, and computer user 
tip®. The thrraats we adstess affeatt 
youu dailly^'- at woirlk, at home, and 
viirttotel^y evenyydteeee in between— 
arid we prowictte the infanrnaiibnn yoiui 
need to know, in teraisB youu can 
undertetandd 

If theiae is a specific: topic youu wowitti 
like to see diismisBEKtl in a futaree 
newslldtter, please email Jennifer 
Jones at ieiifefejfQiiiiteftaifo 


— 


Cyber Awsmaarreess Tip 


'Tirste iPhone!" Facebarakk Scaimn 


Bewanas of iPhomereitotedd statto 
updates fnnim firimirhts on Facebodk, 
witth claihirES like: "Just testrrug 
Face took for iPhome out : (P (Rteoeived 
my free iPhone tod^y, so haptw 
lol... If anyenee else waintts one go 
here: (liimlk))'". Users whim clink on the 
link are asked if they want to 
“Alltawr the appilcSIbon to access 
their basic infairrraiition. Click rrm 
“AlloW" enaltiites the apdlccdtoon to 
access usete' persmfel infdtrmallbon. 
as well as to post on theiir wall . Each 
clidtc eamres coimrrriisssjon for the 
scamnross. Impacttetl user® shomitd 
imimtediat^Jy deltete refeemees to 
the free iiPtlraree fmam their wall!, ante 
rermrittee the offantimgg appllfetdicin 
fnnnrm Accountt/ Appiliitetbon Settings. 
Source: wmm. net-security, orgfsecwmhsi 



VPR Alettes 


Security Adviterees 
MIontHrltv Wrarro-Iltn 


Gresrr Tip of tlhe Month 


Swiittrth out your dispratetoe plasltte 
hand soap conteirraess for reffllttdtde 
hand soap pumpas Most bramtte offer 
bulk soap reffiilis, and youu willl be 
saving both moms^y and landfill space!! 
Source: www.bestgreenH7omelips.com 
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JSOC Iisaugs Two Aleitite to DOJ Compuitfegr Useres _ 

Com putter '"Woimnit" AttecMes Fedetel Agsnriess 

A new computer “wontmT' attteastteetl severedI federtal ageimnees and Fortunes 500 connpBrmiss 
yestsnott^y. The mailed toas emaill messages contain the subject line "Heir® You Have"’ or "Just 
For You* and contain a link to a seemfmgjyy legrfirnsaufee PDF fate. If a user clicks on the link, 
they willl be rediiraalfeeld to a malibaouss 
websiitte that willl prompt therm to 
download and install a screermteaerr 
(.so)) fill®. If they agmsffi to install this 
file,, they willl become infected witHn an 
emaiil worran that will contrmee to 
propagate thirosugfh theiirr emaill contents 
(see Computer Worm defirrittornn abowe)). 

The DepartmreBTtt of Justime receiioiestl 
over 200 of these emailte but the 
Justice Securiittyy Operations s Center 
(JSOC) actHteteb the OCIO ImddBiitt Response Actiton Tearm and bltamtte were instituted at the 
TIC Interest gatemayps. AdditttmraSjly, CompwuBTtfes were requiiieifcl to update all antixiiciss 
produnlfes in use, whibdln mimirntaEeld our expmiree to onl^y six infsfltetl madlrirress. Even thiaugfh 
the Departmeartt is now protested, sometime® the adweteuraes chaimpe the 
emaill to look slighttyy differentt so they can get past defames. 

The Departtrrrartt asks that all users carefully/ wateth their emails, both at 
work and on theiir home machiiress. 

AtteaHerss Attempt to Ac®e^ Departtrrrejfflt Systems Thrtsm^h 
Mtalfeibms E-mail I WE) 

The J ustice Security Operators Center (JSO C)) 

l§§iptsff te §iy# aftetsitefgs f§m& m§§§§ te 
Departmresrtt systems. Due to the recent increase and natures of tltae tangpted intnumonn 
attomrpies, we urge users to be extra cautiauss wheim opera mu e-m ail m es^aess at w ork and at 
home . 

Typically, users willl receixee a mallniduss message disgusted as a legitimate e-mail contarrlhgg 
links or attaPIrmesrtSs, often reterhiigg to U.S.. goverrmwrtt infswmtetoaci, reprsntfcs, conferences s, 
or meeting} agetmtos. If a user clidtis the link or operrs the attedtrrrBanrti.t, the attestor can gaiim 
fulll conlnatil of theiir woirtotetann and infusitmtatoan. 

To reduces the risk of comipnamissigg your DOJ worrttettaitjon, be alertt for unsollrafbeld 
e-mail messages and keep in mind the folfbnvrmnig traitte commresm to malidiams e-msall 
messages: 

• Subjjsitt matter relistted to reciparttes work, possittljy contahihgg actual I U S Govermtrwrit 
infonmrealmon 

• A sens® of urgenroy/ to comsiireee the recipisrtt to open an attedirmreiit or click a link wiiHrim 
the messape 

• Conviitroiirttiig contemtt such as upcoming} meeting agerratto, reports, infdtrrmatocin on current 
eventls or policy issues 

• Seemingiy/topptriatete sender (goveirnmwrtt and conwraraatl addrssssss, Including 
(§>usdojj.gjiW) using legitiirrteee signattuee and contestt informatban 

• An attedlmrraTtt (typically a .pdf or .zip fiilte) or link 

The Justtee Security Operate muss Center wouibtl like to examine; suspastteti mallidcmas @--maill 
messagjts. TRd preserves the hiddsn message infoitmtoiban typittaiyy imrlfflfctkte to average u§tf§, 
suspietous e-mail messagus, must be sent to JSOC in a certam way. To forward a 
messag® for analf l ^asss, please follta/w the instnuotlboBs availttdte on JSOC wgtteit©" 
htto://dorrrmtdgbol .gov/ii md//lhrtoifffeegutvftstotlocu menti^i^MtoQsr&mai'laAhlBtrtMitaltta I. pdf , 

dei5iumterit/s in temderfl for Depurntmenttalf Huadtoe intemsfl use only and is net to be 
distrdnuflretJoutside the De/payrttmeriti.’ ' 

Qu§§&@ft§ FggsfdifM} this newstetrteror requests for permission to redistr/itauteshould be directed to,’ 

JSOC 202-307^5332 



Com putter Wormt: 

A softwares program ttotissoteacgTeettctocffiwytjlBlfelf 
froran one computer to anottar, withomtt human 
intenacttdian. Unlike a computer virus,, a wortrm can 
copy itsellf autmtetffi^lDy.WBamiscaBnrepliiitatatenin 
great voUuurte. Fdra3canrTptde,aa wantnuncejn saarttl out 
copies of itself tto every <ramt6BKttirin your e-mail 
address book, and them it can send ittself to all of 
the conttaitSs in your contacts e-maill address 
books (Micruseflttaoiir^.). 


Visit Our WebsrtJ 


What is the JSWE 
News! tett fce'f? 


About th® JSOC Newsletter: 

The Justus: Security/ Operatttmss 
Center (JSOC)) News Yaw Can Use 
Newsletter striixees to protentt 
reastess agaimatt Irutertet cyber 
thnatefes by keeping thenm up-tantefee 
on the latest security/ issues, 
vulite^lilitifeies, and computer user 
tipsE. The thretefes we addrasss affertt 
you daily— at work, at home, and 
virtttelljly evenywtteee in between— 
and we prooiclte the infsairrraaibon you 
need to knromf, in terms you can 
undtetetorald. 

If then® is a specific topic you wouiJtfl 
like to see disoiteEatl in a futuree 
newsletter, plteate emaill Jennifer 
Jones at ieirrrtefter.iorTieSJKBiiLgottp.Kioov 


Cyber Awansrcess Tip 


Safe On lime Gamimrg at Home 

• Be CBieful when attownloading free to 
play (F2P) clients on your horn® 
computer. Iff the cliertt safftoeaee is 
mallmbajs, ynu could be putttagg your 
PC at risk. 

• Don't give out your logim 
infamtetann to stranrprss. In fact, 
don't give out ANY kind of 
infamtetonp, personal! or not, to 
people ynu meet garnirng. 

» Avoid fallihrog for the old "FarmVillte 
Secrets 1 '' scam.. You willl either 
dowitertl aBTTojgan or expose your 
Facebook Itogin iinfo to crinriltete. 

Source: www.gizmodo.co/nra 


SecuiritW Adwaaraes 
MonttiiHv Wrato-UUn 


Green Tip of the Month 


Thinlfc Before Youu Print 

• Ask ycuinteff: could this to® read or 
sttMad onlimiE instead' 7 Make it a 
policy to post empICyte manuals 
and simitar mateteSs cmtiltee, ratltmr 
tharn distnilhdee print copes. Theyhae 
easier tto upntaee that way tea. 

• Request to be renrawtaJ from 
mallrrag lists before you recycle 
unwwrteetl mail. 

Source: www. sierrac/ub. typepad.com 
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Secu rity/ Awarerreass T ip_ 

firramasse in Sociail NetworMingg Scanms 


What is the JSO(C 
Newsltetfee?? 


Ifl Ite pr@§SWl 9 ib 0 n t© th® Nous® JudiPPijy SubcoimrrTTiteee on Crimes, TernorraOTo, and) HomPtotstj 

Security last monfHn, the FBI repanttet) a sigimifftEaniit inertness in 
the use of social! netwofemgg accoumtfes in IntenrraSt scams. 
Gordem Snow, Assistant Director of the FBI’S Cyber Divisam, 
ststeotj, "The surg® in the use of sociail netwarkkigg sites over the 
past tw@ ye* has giwstm cyber thiiexess and) chW predtatoss 
new,, highly effeeflvee avenues; to take advanfegpe of unsui^BHliriigg user^’’ 
(wwwirreetodnfcsMtctld.com)). 

A couple comiwom tacttcss used) on sociail netwafeiiigg sites indijidte: 

• Data Mining], in whieHn cyber criimrirfeis extract bits of infommdtoon abouilt victmss andl them 
use It to scam therm. A commram exarmpfe is a "getttrrag to knew yarn quiiiz"' on a sociail 
netWOTlttrrgg sit®; "Whilte the answers to these queart cores do not appear to be m alien muss on 
the surfetfe, they often minute the same questtoms that are asked) by firntBrottel instttitiboss or 
e-iirirBall accowntt prcwictoss when an indiitebiiail has forgottfeen theiir password)’" 
(www.ntetTOtk\to«yicWldoro)m). Scarmimras'ss can thus gain infraimatiban that will alltow/ them to 
access the vidfinTPs emaiil, bank accoumfe, etc. Addiittccrraiiyy, coltarttngg persnnfel infdwmteibon 
is made even easier because many users "often accept into theiir prmtote sites peoplte that 
they do not actouPlJy know/,, or sometSmass faill altopattar to propaityy set prirecBiyy settings on 
theiir profife'" (www.netwsaiHwooWIctocTiyi). Friendte of friierratfc shouiibU not be able to view/ your 
birthday, celll phome nunrtair, or any other infcmraJibon that coulhb be used) to impensainaJde 
you to creditt card compariess, credit unranss, etc. 


facetmdk 


About the JSOE News) bitter: 

The Jusfee Security Opetetdmss 
Center (JSOC)) News You Can Use 

Newstettfecr stiriwess to protatt 
reactors agaiimstt Iimferfet cyber 
threats by keeping theim up-todfdde 
on the latest security issues, 
vultos-Bifflitiidtes, andl computer user 
tips. The thuEtefes we addtajsK affaslt 
you daily— at work, at horn®, and) 
viirttutetyy every/vttaee in between— 
andl we prowiitte the infdnmteibon yowi 
need to krtcwf, in terms you can 
undetofeandd. 

If then® is a specific topic you would) 
like to see dismast) in a futuinse 
newsletter, pleas® email Jennifer 
Jones at iei™feridoes3@asttadagogov 


Cyber AwareereBSs Tip 


• Data mininneg can be appitetJ in PhisHrimg, in white cyber criirmrrteis attempt to acquires 
passwranotts, accoumtt nunntemss andl other sensittvee infoimnreatnxnn by prettereHiigg to be sonmsBrse 
else,, often thraugfh persrafeilzBeld, legiilirrraJdeldcldkigig 
messapss. One exampte is a warming message that 
appearss to be from your bank,, reqiu®£tmgg you submit 
your account infotrrraJibon for veriffbaaippn puipossss 
(note that most banks will! not contact you via emaiil 
to gather infarrrtotnxiJii)!). A recent phitefriiirgg scam that 
has plaguiHtl Facebock and) other socitel netwrerkfoiigg 
sites is the "Help, I am stiranrcfed'!" scaran, in white 
victmss receives a message appeanirrag to be from a 
friteidj, clairniiingg they have beeim roibtasiJ of their creditt 
cards,, passpomtt, money, andl celll ph«w®, and are in 
immediate need) of mom^y. White the simpfee solutotim to this scam is to calll the suppsnseifyy 
stiraidtet) frifed) in order to ver% theiir claitnss, many useirsf&lll prey to the messacpdss sense 
of urgency and) send) moim^y. Phishing scams can be found) in messages?, links, or vidtocs 
(appMmigg to be frornn friiarofe) witttrim the site,, oreemailSs sent to users claiiirringg to be fronnri 
the sociail netw/BiMcngg site itsellff. 



"Keep> Me Slgimst) ImT Box 

• If you are not on your personal 
laptop or home computer, DO NOT 
select the "Keep me sign®)) iiim”' Itaa* 
on websites. 

» Alttaugfh your work computer may 
feel like it belongs to you, a 
snooping) co-wrontter could easily 
open your browser and) access your 
accounts if you stay sign®)) in. 

• If you sign iin tto apart cuter site, do 
not jurist navigate to another page or 
close the browser Jobe sure to ston 
out as welll 

Source: wwwz.gizmoda.com 


Witttn the grtwnirreg number of sodPI networrklwigg scanm®- annutel criiimree compiarrtts han® 
inrai^SEld 667.8% betwaaBTi 201011 andl 2UQ/B- it is impoirferlt to utillite socipl netwcoWimgg sit^' 
priwaayy settings, browEte cautbauijy and contodt the message sender before cltakirrag anytt+irrag. 
ContriiMriffiiifgg Sources: www».networkwmnM/mrrrifmage: www.gizmodto..a 2 »m 

User Awarearcsss Tip 

Wamrih^g: DOJ Usettss Tar^afeeti in Parlttri^ Permiit PhisHrirr^ Scaimn 






A num ber of Departnma adt of Justtrae users r eceivtetl an e-mail mess age disgiisKtl as a | 

_ witkth gn tttoPmfeflt ■■■■■■ Thd tffesrtmddtt isi 

but instead) rediiaatts users to a site contairriiiigg mallmtuuss softowaee. If your encounter 
a massirge of this naburrss, DO NOT opetm the atHanferffiedt, and) contarstt your Compatteiffe's IT 
security stafff immmKtfe&hiy. 


• *Th)c dorjtvmGntis iuternTtotlfor Dq pm r Ln wefimffUsMice internal luse only and is not to be 
disteihitfeelttoutsullBthe Defpar/tmonn t. W! 

Quesf/tome regarding this newstetferor requests for permission to redistribute should be directed) to: 

JSOC 202-30775332 2 


Green Tip of the MontHn 


Water Co n served too n 

Be sure to turnn off faucets completely, 
ensurihitg that they don’t drip. A feiuost, 
leakiin® at a rate of only cm® dfep psffr 
second, can waste mures thban2S5 liters 
of water a day - thattSs about 10 00® 
liters cBypaar. 

Source: warn a bout com 


















Security Awaneeresss Tip 


Zeus Botimstt Kmsarmafeeld to Exploiit Credit Card VeriffoEdban Serwibsss 

The Zeus botmdt, a Trcjjan horse that stedfes bank mg infamradtoion, sociall netautrkliiiigg logihrss, 
and email accounts, was first seem in July 20®7„ and has beem wides^readd sinraeJluee 2O0ffl. 

Zeiuis is parteulddyly diffibuHt to iderittffy, because it is 
rerasrrffgpwdd moire often them most maltore, due to its 
creattoss “...alltowingg other cybeitnfihrirriafels to licetmse the rightfes 
to use the maltore. As a resultt, there are many different 
gamp ruimtirrigg theiir owrni licensed veracmss of Zeus and 
distributing them indepanddetitly" (SC IMIagaziimd).. 

As you may recall!, Zens reswnfiaedd eartyy this year as a 
series of emailfc tairtpsbiigg Federal I empltiypees. The messages 
appeared to be frarnn a repwteflde CIA figure and warmed agaimst a Ktussian phisHiifrag attsadk, 
then encowirajpeld rec|p tends to insfedll a "Winattows update'" to protest theiir compuitess. 

The most recent incarnation of Zeus, howexrer, posesassaa - 

creditt card veriffdaaibon page. Qtirore dOMtirltoadeld, the maltoee 
waitlss for the user to visit a bank website, then emeigpss 
(appeamrgg to be assoistiated wife the bank)) and asks the 
victim to filll out an enrdlinrertt fomm for the Veriffedd byVfisa or 
Mastetraardd SecureCode programs. The phidtimgg page states 
that "Due to recent chanrgpBS in FDIC Depositt Imsuirreraee Rules,, 
all SHUT customers must be enrdlteld in the Veriffred by Visa or 
MastendSacd SecureCodae program depamdiirgg on type of your 
check card.” Once the custotmrer submritfes theiir infusnrmatoop, 
the data is used to register accoiunrtfes witHn the veriffoaiibon 
services and perform frauwtlilteTtit trafeffititmas. 


- it - E~ 

'—*» I 


With 15 US fimsHTOiahl instittUtooBS affedtetl and an estimated 
1 in every 100 comprutters infested, this has become a 
whd^Traaald prdtolerm. If you encounter an uneaprertteld Visa or Mastereadd veiriffeaibon page, it 
is recomrrreealddd you close your browser and content your bank regatfliirgg the issue. 
Comtor/itoMttima Sources; www.v3.co.u-;wwwi.scmagaziaeus.com 

User Awanearosss Ti 


Fake AV Vendonss Offemmg "ILiwee Support'" 

Fake Antii Virus software or "Fate AV" comsidfes of phony alertts or wamrirrags that tytpcsaiy’y 
pretend to scan a victim's computer, them claihm to find some fomm of maltose and seek 
payrruaiitt frarm the victim to renraarse the (noim-«ci3itet)t) prodtem. 

——^— As if this scauirn wasn't decepttwe enough, some fake AV 
Otirteh«t devdbptess are now offerirrag "live suppoirtt" to users, in 

order to conwhoee poterttsal victims of the legittfnaayy of 
theiir prodiclEs. ffitesearch fouurotl that there was in fact a 

X:~TT“'.~- person - not a betfe respwnrtiirigg to questtems about the 

_product, and “Thx^y are offetfngg support by email), chat, 

and phcmae and are very wdll orgrarffited .Yboucaan get 

—■ i n i i. .. i ■» uninrsttoldess for older variants of theirr predict, and a Is® 

trrialI veirsams for theiir newer produsttS" 
asm ' i i i nr i r nnii ii ri r . (win*.secuifeistt.corm)) 

CT—— - » i ;B Rememrrtter that scamnnress are constantly homing theiir 

—a»=aem—i— attedtcs to ensures they vkdimMee incresfeiiigg nurnttress of 
computer users; phome or onllrres "supprmtt" does not prawe a parDicuJiar antiwiioss softwace is 
legitimate. If ye»ui enccwntter an anti virus pop-upp, imrmeda&yy close your browser t© avdcd 
unintertiooairily dovwrlCMiifigg the maltore, and contertt your Companrert’fe's n securit^y staff 
immedMt^ly. ContnfoutMwa Source: www.securelrst.com 

document Is Intended for Department of Justice internal use only and is not to be 
distribute/d outside the Department:** 

mgardin^ this news/etSS&ror requests for permission to redistribute should be directed to.: 

JSOE 202-3K7SS332 


What is tite JSOC 
Newslfetfce?? 


Abotit tth® JSOC Newsletter: 

The Just ate Securitpy OperattoBs 
Center (JSOC)) News Yduv Can Use 
Newsletter striiAess to protedt 
reastores agaiiimstt IrnttenTBSt cytor 
threats by keepingg thenm up-ttoddtoe 
on the latest security issuer, 
vulhrrea&biiieajs, and computer user 
tip®. The threats we address aflfemt 
yorui daiil^-- at wontk, at honra, and 
virtteli) , y eveiryvriaece in between— 
and we prowictte the infonmaJibon yowi 
need to knmnw, in term® youu can 
undetetadd. 

If there is a spesiffic topicc youu wowltd 
like to see didnmxdd in a fuiturre 
newdfeatfer, please email Jennifer 
Jones at ieiifefteudnindlr 3 )(aBiitai.obaov 


I 


Awareness 


Safe tnitenvfit Publiatliiigg 

Althaaiiu^h penpItecBeetStppal^llvra'^ry of 
sharira^pBissxDiatliiTftfciirrafeShDwittaith 
strampa'estlfeyy meet on the stnedt, 
they may not hesitatetto pndt that 
same inforrrtoitoinootiiitie.eBBfefcB'e 
postim® infdTrrraaitjQn online, renrrnnttar 
to:: 

• View the intermit as a nrwd!, not 
a dianyy: araimee that people you 
have never met willl view the 
infdrm^iteryiyifliar8reiptoll$liBhgn.g. 

• Think tomb:: once you piudidti 
sormetehffloohitiee, it cannot be 
tatemtteaWc. It is avaiMHtetto 
other people and toaBBSB'oth 
engiires, arid may meoiarr be 
compIdtejyreaTOVBdd. 

Source.-: US_ GEMT. gov 


Securittv Advimrtaes 


Redware E-Wastbe 

The WMorld gienretalees 20 to 50 million 
metnrfc tons of e-w^te, vnltitdti imrdt^ up 
2 peraanrtt of solid waste inn the UD.S.ajwfcl 
is the fastestaotog§®prjB , nint of U.S. 
gartoa^. Be sure to tatedttl eltetramtss 
and omrmputets to your local ffesility 
along with your usual recycling. 

Source: www.pcmag.com 


















s You Cam 


Accoroflrtgg to an ariotte frame arstedhmoaascnntn, “...the worst coimsaftuseoees of tills particular 
leak are most likely inoaseEsdd spam sent to or spoofed a® corwimg fracm a parflcuter e-imtfd 

addnasss. Howexar, its not entitoty .-———— — --- 

unraaEsurabtee to suspedt that hacteres _ 

might attennfet to crack into some of 
the e-mail acccmtfes rettoted, whictti 

indlwnfe ofliafeis frame the FCC, FAA, «»»«•«■«• : iiM.uqr.*s 

NASA, and the Am*/ If you owim an SESSESS ■ SESTET - " 

iPad, ttaras is a possibility that yoytr 8901410424 32 2 :!■■■■■■ : 

email addtos to tom made public JEEESSZ ! 

thraugjti this breadt), and it is s#a±AKi*24322o»ww«* : •«**.»[ 

recornmeeddeld that yoiiu remain bubhbih^ : 

partimilatyy vigiitortt wherm chedsirngg 8 9<SXitiXQi424322 !«■■■■■ : Mua^Mui^Dasa. gov 

emaiil. If you encounter a message »mmM2i32;i — ■ —— T* 1 * 8 ** 1 ' 

j 890-1910424 322UUBUUUU : .fEV 

that may be an intnustoin atteumpat or 8901*1042*322lflUMBB : ^UUUgtM.jior 

pose a thirsatt to DOJ corrnpuitteir ®® al * 10412 * 3224 ^^* = — 8nM<10 ft. gsv 

r r 890X*Xa4243B49ftft»*l : uaiiMUU^tracuOW 

secutntyy, pleads follllsx/w tnK£ 890 1 41 042 -t3&&5B*ftaft : @maaii. hoKsic.. gar 

instmictiboas for reponttiigg malldams «ooi«m< 2 M 22 i^^m = _ 

emaiil at JSOC's DKSJBfet website: 


8<»uni«m42m&ia«MM*A 
89»H4d D 4 0 4 22 KWUU 

89314*04 24 321 «■■■■■ 
890B. *10424024 
8901410424 32 2QUUUUM 
890X41X0424322 OUUUUUft 
89014101241322 flUMI 
89(3XliiQ124 322 OUHM 
89014104 218 31SHMU 

8 90XHQ1124322 lUUMMft 
8901410424 3221MM 
8901410424 322 lSftMR 
890141042432 2 lflUMBB 
89 Q14 10 *2*3223»*«*1 
8 90X2X101243B1 9UBMI 
8901410424 mSM 
89014X04 2*32 2IMUUUB 


. a ray. itil 

i?daxpa .mtt 


n^Mauatilw9. army. &5f. 

*MaMr|l)i!l .laiQBVN-ltlll 

■Utl^HUBBfUAaafiIi>V .*&£ 
ftHBSum.^rmy .nil 
■piHBtiM. anny .all 
(■■■b §(Uu3. arrttty.. *uit 
■MMMp^us.nniiY. Bail 

■^MuuiSDasa. gov 

na Ha .<pnv 
■M^aafrEiaa .$ysw 
mmmmbf&t , gov 

MpiMB 8uBttio j . g®v 

MUUaalCiticoosT 

fhnaail . hoH!R.- gtw 
■BB ti: j jt.rtjav 



Jtone 2OJ0CD 

Security Awawemass Ti 


AT&T Security/ BresRfHi Irrrpmflte iPad Usett* 

Early imJtaoe, jjiutst tw® momttte siirae the release of the Appite 3G iiPbd, AT&TTwaas made aware 
of a breach that exposed the emaiil addir^sssaadd asscetafeeld AT&T netwwnfk autfrenteaabhDn 
ID® (ktiraaArm as ICC-DH^) of thaussaralds of iPad owitubbs --imreaiyy of wIum are Federal 

empitiypees. A gnmuflD of security researntteess called “Goatee Secuiritty" 

. (wtlrocffla motiiAess are currerttyy in question)) discswraedd the flaw and 

extras beid 114,jamD email I addiasssss before sprescdirrgg woird of the 
pnofotem. Goatee Security/ has been acnussdd of inforrmtiihigg outeitte par®ess 
of the hole before AT&T bread patoted it, potemtfeiyy alltawirtgg hadtess to 
access more iPad user®' emaiil addessses. In its deferes?, a ©oatse 
Secumiyy repmsssHTt6ibi®e stated that “We did not contlaatt AT&T diredtyy, 
-4 Q L but we made sure that soirrosme else tf(gpBEtl thenrm off' before spresaiirt® 
aiWU woirati of hofej Th ey als ® stated that they were not paid for djsdtssrrgg 
infonirreatoon to thi'red parttess. AT&Tdbffiffidd the hold shorttiy after beiffl® 
notlfeetl, but an FBI inw&tggilition is cunrenittyy undetiw^y to detenmiirrae whettwr illegffll activity/ 
was invdted in the attarmrsertt of the emaiil addsessss. 


Visit Our Vtfelasfte 


What is the JSOCE 
Newalbltbe?? 


About the JSOC NesMltatber: 

The Jusfcte Secuirit/y OparateoiBS 
Center (JSOC)) News You Can Use 

Newsletter stitiiAess to protest 
readacs agaiito Inteimtet cyber 
thnatefes by keepirrigg therm up-ttoddSie 
on the latestt security/ issues, 
vulhnaatoBIftses, and computter user 
tips;. The thrrfflsafes we addicssss affadt 
your daiiiy— at woirtk, at honre, and 
virttfell^y everywtfoeee in between— 
and we pnomidte the infomrrrasitjon your 
need to know, in terms yo«ui can 
umfesShadd. 

If thfflte is a spedffoc topic: you woulbd 
like to see diBrawsBEid in a futurre 
newsltoteer, ple^e emaiil Jennifer 


Wfl I [Still lllll::JlW.lt«i.iy:^'f*i.( , *:di;ii BmiaItMM 




ConWbutiliii® Sources;- www.arstechnfca.com;; www..gatiwtor.comiv; htt/p;//seciKmi9)y.go«ts©.^tf 


Protextthojg Your PC fromi Spywsmee ansU Adwsree 

Spywft and Adwan® are tyntte of sofUwa-ee that, when instelWd on your cormpuitter, msy send 
y@yi pop-uifp ads,, rediittett your bromnamr to certain web site®, or monitor the web sites that yeru 
visit. The present® of spywares is tyfftoiyy hfotfen fmm the user, but some Indicsttoaes that it 
is ihstalltedann your compmiter are:: 

• Endless pop-ufp wimdswss or Wirrattswss enrear mesgstgss 

• New,, unexgBBteeld todbrea-ss in your web bnawssr 

• Your browraarfes home page cham^tl 

• Yeur compuuter suduterljy seems very/ slow when opetmmg prsgrsrrBs or pr®s^$iif§g tadte 

Whttftffifr or not you suspealt Spywtei® is instelteld on your comtpjitfeer, It is wiise t® ruih antii-- 
vihtfe geftw/cee and to adjufe the setttrrags so that you are periiatloaajly renffinttidd t® rtftP a fwll 
scan. 

Coflibritouttu® Sources;: www.US-CtM/gsov 

**Th*s docMmentis intemitadfor Dc>f iu icimehtrfjtoetfce intennwi use only anvils fldfcta fee 
distmtturteicbutstrte the Deflrarttwe At. 

* regsrding Ms newstetteror requests for permission to redistnifazite should 6e directed t@i 

JSOC 202-3XS75S322 


Cyber Awafeness Tip 


Remaning Persanrsll Difhnmaafttan 
from Old Cell Phom^ 

Before diisposirTOB of an old cell phone, 
it is impimtertt to ensure your personall 
infornmalition has been renwiwattl. A 
recent study of 2 , 00 ® recycled cell 
phones ftumtl that 99% of them had 
personall data stiilll stored in therm, 
includirg smsilii&isemartatffllial like banrik 
accourttirrttarrafelrtinBgfefergditetgmigl rid 
of your phone,, be suiretto: 

• Notffltyy your cellulfor prowicfer and 
terminate sereicE on your phone. 

• Remove your SUM card— the tiny 
card inside your phone, which 
contariscttMcStoienid in your phone.. 

• Erase all the histonyy fromi your 
phone thnaugj-h a hand reset. 

More intsntotoononn perfomniiiiggeaabh 
of these stBpss cram be foumd in your 
phoiridfeuisjr maimfei. 

Source: www. planetgreem. discovery, com 



Green Packagjrrig 

When shoppirn®, choose prodiuitte witttn 
smarter packaging-tree., less packagiim® 
and use of eco-lfife*ialittlymratoi®rials— and 
write to let nrrarnufdetilterers know when 
you dont like theiir packagtn®. 

Source: the Daily Green 
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Visit Our Website 


Security Awangrasss Tip _ 

DOJ SPAIN Mailbox 

The Justitfe Security/ Operators Center (JSOC)) prmicttes the DOJMAIIL-SfTMffl 
mailltasDX to allow/ repomttiirgg of e-mail messapss that users suspedt may be an 
intmisomn attentat or a threat to computer secuirityy. JSOC analyzes nrre^ssgges sent 
to this mailtaiKx and dewdhpss mititpatocin and detedtoam metttatts to help protest 
Department systems from intntisubrass. 

There aresReetfific instnuotiooss that need to be folfcaweatJ wherm forweditiigg suspsotbdd 
malliiicouss e-mrsill messagpss to JSOC for fuirfter anallyess?, wHitibh are onllihree at JSOC's 
DOJNet website: htte///t/d»Dteedodteqltedfirwi/tl^ditBteddtM/denterrealtBifiaajicious- 
emaill-sEuttmtttetlal.pdf. 


Please note that jJBttC does not analyze or block: spam or otherr nuisance 
messages, unless they? pose a threxttto carmypiftea-rsecur/ity. 

If you woulhB like to blcdk spanu,, nuitearoB?, or other nonurraalicbass e-mail 
messapss, seveicdl optimss exist: 

1) Contact your compnnraTtt IT Helpdtetek for inforrmatoan on the Proofpeiint Mail 
Digest and end-mate maiil filter setthg^s. Whenn enacted by your Helpd^k, thfe 
seroicEe prawiottes end-usaiEs witltn the ability to mamaps spam setflrrajs?, incHuuUngg 
blodtomgg spediffa: e-mail addrm^ss, OR 

2) Contact your compunnent IT helptbfek for interna toon on how to block spedfftc 
sendens witttrim your e-imreHil applldatoan using) built-in toslte (e,®„ "Junk E-msilt" 
filtehirgg in Microsoft OuttoJ^) 

User AwateTtsss Ti 


Cyber Attertks Center Anouimd 201(9) WoflbU Cup 

The FIFA Woribd Cup 201ffit, like most everts that re&swe heavy media covat^e, 
has pno'ffltttetl cyber ciimfraff&s the oppoirttmttyy to attaiWc unsiu^fgottigg eompiittor 
users in varirmss way®. Using hacking tedtirricpuee?, attadtess have msnagKti to hava 
their maliiticaias site® llsteeldimn the top Googlte $@aothres8UttsA&ss§®$rinin th£ ifTtogis 
below,, the top four results —out of over 17,0®®— for a World Cup-naia£dd qugry 
led to maliratmss wetetess. Click mg on any of the top resuite causes a phony/ 
"WWtovss Security/ Cent©/" notiffortibon to pop-up), a corniman Fake AnWrass 
teehnritpuffe. Users need to be cautions whenr conducting popular searcrt^, and 

imirmsrtlaietyy close theiir brawssiBs if they 
receiwee a supparaastl “anttviiinQS alert." (For 

_ 8R Eife® /W tffilftk?' §S§ 

m. ._ V ~ y the Februuaw 201(0) issue of News You Can 

puitoreetWortrtCup tftw iw** ■ I Irate tst* jam „, - u 

2010 World Cup 2010 -mmem TIcMS L News AH n$Ns. »■. 2 pkis 5 - Sgroup for our USe„ ) 

tree lien semcesncbe me first tot&uy #**-••* Qip Tick** ... -* ' 

nert/apcy pfcp?nwn«tel¥>20cup Utkftts-SLiilldSl 

r«t.a Cyber criminate are also sendihrgg out 

emaiite wiffln malliciou® PDFs, clairnirt® the 
|ii, *Miw woMiuoo.pwof «m*» E-asM attemltrrrraeTtes confesm free WorlbtJ Cup tiffMsSfes 

- aS5^5gtt ?rM-- M ZXU ZZStSi or a WoirttH Cup Tratel Quite. lUteresatttedd 

use theiir better judfenrartt wham fatted wittin 
oonstructbncomiWefld Cup jHb 1 Tkkttt I foatucntidapfom i) often® that are umsdibilfedd and/onr soimrotl too 

good to be tru®, and refrain from opening 
^.J such attedimentos. 


Cenferfewt/tagl Sources: ESET Threat Blog; NetwmftM&tfttlnet 

* * fhts is intendedl for De/pmntmmrttofjJssUaw intermefl use arty and is n@tte fee 

dlstriinuttellours/de the Depantmmrtt ** 1 

this newsteftter or requests for permission to redistritoua® should be directed to: 

JSOC 202-39I75S332 


What is tlhe JSCXC 


Aboiutt Wire JSOC Newsltotber: 

The JustiiBS Security/ Opeirattouiiss 
Center (JSOC)) News Yaw Can Use 
Newstetttteer striwess to protest 
reantess aganrsat IiuterTBit cyber 
ttasafes by keeprreg thom up-to-ettabe 
on the latest security/ issues, 
vultiWBWIrliibsps, and compjitfeer user 
tps. Tftee tttmeteSs we addti®® aff©dt 
youii daii(y— at woirtk, at home, and 
viirttirtl/y evettyywHeeee in between— 
and we prowicbte the infanmaiibon youi 
need to kmaur/, in terms youu can 
undenstamld. 

If theiffi is a specific topir y«u wraultt) 
like to see disciiiBBKti in a futures 
newsiteltfeer, please ermsail Jennifer 
Jones at ierrm1ferdpe«&3>@Birfeoi.aoy 


Cyber Awamsrcess Tip 


Profertbiigg Peraantol Eii ftninaa iBon 

As long as you have a compuifer 
and connectt it to a netwarkk, you 
are vultrsrrttte to sormenrtise or 
somfetimgg else accessirngg or 
conreipltriigg your inftmmaJibDn. To 
mimirrriiiEe your risk, adhense to the 
fcdtovimgg rultes: 

- Lock your computer when you: are 
away frcrnm it. 

- DiseonmBHtt franm the ImfeTtet 
when yo»w are not usiitirgj your 
connpjiter. 

- Chedk your computtoids secuirit/y 
setttihggs to mate sure they meet 
your needs. 

- Back up all of your date. 

Source: www. US-CtM li.gpw 


VPR Aleiittes 
Securittv Advisprees 


Top Three Off ore Pet PeewES 
ResuRbtog in thrareesseld Waste: 

- Mimdtesss, uraiteffiBsayy priHittirigg 

- Leaving ligltitfes on 

- Lack of renyitiiiigg bins 
Source: the Daily Green 
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Visit Our Website 

SecurT^y Awanceraess Tip 

What is tfh® JSOC 1 

DOJ Contitruoms Mlontarhiigg tmitxdfciee 

Newaltathr?? 1 


DOJ is in the preset of mowing) to a moctell of contirmoDiBS momitomigg of assets, 
vuillrm®iEfldJlitlfei^s, configyralition chamtpss, and thmafes in order to fulffill oparattngg 
reqiuirearrscftSs, miimimrizee rislk exposure?, and impmsMee computer inciidteirtt respurrese. 
The Departnnwitfe's cuntentt risk mana^irreertt modPI ftomses lartj^iy on "stmafp^trodfeS" 
praNMcted by periiosnUcc assessirrart&s and aiurtlits. This modWI is not only readiAee, but 
the operate® enviiramTieaitit is also ever-nttarggigg, resulttiirgg in security assessnrrerrtis 
that are quickly outotfeafedd and lack a reaktime evalliuatteoin of risk. 

■ Due to this defitn©T©yy, DOJ made the dedatnm to impHemrartt 
Enteitprrsee Lifecptte Manageimrartt System (ELMS)) BigFbsc. TTtiijs 
techtiradbEgy willl prowictte situuattaxnafel awatrarresss and greatt(y 

imptrontee our currantt riisk managorratlt metttastts. ContihrucDiss 
montoiihgg willl pruwicfe real-ttiime asset invemttoraes and 

endpoihrtt visiWityy to the DeparUnmairtt thiroaiflfh a centnstflized 
mamagjerTBntit consolte. DOJ Compomnea'TtSs, OBDs,, and system 
owiueis will also have their owim consol be to monitor and evaltafee system 

vuUnrastoiilitifeies to deteirmine appUdsddtiility witHrim theiir envirramneeht. Flavinrog an 
accurate undensteiroldigg of DOJ's security/ postures will eitettteuss to assume greater 
risk level Is whetm appropriate. Addlanteiyy, new FISMA repottttirrgg guibteinees were 
released last week,, whiloHn requires changing] to autarmateeld date feeutk, and EILIMIS 
supports these new requihesnwrtts. 

Continuous monitorrtngg tedtototagy willl alltow/ dedsom maktes access to key 

informatiionn quickly and effideaTttyy, and streanrrlliiree DepaiUnrortt compHEBnoee 
repontthgg. DOJ will now be able to fulfill date calls witHrim houitr$ --rather thanr weeks 
or months— white elinrrihnBdbiigg the unoarttaiiiittees of self-re?p»titigg. 

User Awaregresss Ti 
Post-TTsax Day Emaill Scams 

Aprill 15th has passate, saidd many ta*tp^a r ss are an*jnudjy awaittmg theiiir retuirnss. 
Not surpffrssng^iy, hadtaiss are seizing] the opporteTWyy to scami sas many usetrs ate 
possiftfe by sending] out fraMilteht emailte mairtteU as notiffosatooss frown the IrmtertaSl 
Revenues Serwidse (HRS)). Many of these emailte claim that ta*pHtess must submitt 
finrmroiail infdtrrntotoan such as bank accowntt and credit card s\ - . 

numtatss, passwrc&s and ATM PINs in order to r©£di^ their 
returns. Sonne are intended to frii$ftt»n tetppess by wtjjS XOLw 
claiming to come from the IRS' "Fraud Departnrnsrir." Otheiss x,&&n XXVkJ 

state that taxflt^reBs willl receives money for filling out a - 

customer satisteattioirn survey. It is impotent to note that Depanimentiottrte-Twasuiy 

the fRS does not initiate tanypHyygrr commaimrrattdmsthrough 

e-mail. - 


If you encounter an unsolldilfeeld ta:*c-re&&ted emaill frown the IRS:: 

• Do not reply. 

• Do not opeim any attesrtmtentits. 

• Do not click am any links. 

Click Iteee for a list of the tqp-flS IRS scams of 20t®, 

ContributingSinwcee: www.IRS./gav 

**f his documentts Intended for Department lot filestore interrmat use only and is not to be 
dlstritudimtioutside the Department. * * 

QuesHtiffS regarding this newsAatkm or requests for permission to reoMstmitaflse should be directed to; 

JSOE 202-3H79B322 


About the JSOC Newsl tetter: 

The JustiiJEE Secuitityy OperathnuBs 
Center (JSOC)) News Yimti Can Use 
Newsltetter stniuess to protteilt 
reaKfess agaiintet Imttentet cytetr 
thnesats by keeping therm up-ttoddtee 
on the latest security issues,, 
viuJlhnamsddtlitifeites, and computer user 
tip®. The tthretete we address affect 
you daiilljy— at work, at home, and 
viirttteltyy eveitywHroee in between— 
and we prowictte tHrie infonrrraditian you 
need to know!, in tetrmss youu can 
undetebawld. 

If then® is a specific topic you woulbti 
life to see disammadJ in a future 
newsletter, please emaill Jenmiffer 
Jones at ienmfer.iofflrertS^isstihiinoMDv 


Cyber AwsEreereess Tip 


Emaill Attearttmeertt Safety 

An emaill atteEHmwrtt is a computter 
filte that is sent alomgi wittti an email. 
AtflaattrmetSs are conwmenti,t, but 
th^/ cam also canrsy viirussss. Follow 
the tips belteMA/ to profesitt youirateff: 

» Be wary of unsdittliedd 

attsaiftimeetts, eveim fronm people 
ycrui know. 

# Keep sofflwsaee up-ttoddtee in order 
to mirirnizEe your vulhiffltedbitjty. 

» Tuirm off the option to 
autEnmabafiyiy downltaad 
attanttmeetts. 

Source: imwwiK.US-CERT.gov 



Go as Papattess as PossiitJte! 

» Keep copies of impmtbarTlt emoiits; 
filtes, mamutete and moire on your 
computter 

• Review/ any dooimsirtiJs onllrree 
insttffiffird of priimttiiT^ them out. 

• Send cormpsaryy updates thrau^jh 
emaill instEEfflrid of on paper. 

The USily Green 
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Visit Our Website 


Security Awansarosss Tip 


Opeme/thom Aurora 

Mlid'D©E©Trtteer 2009,, hactesrss iniltefeeld a higttrliysExp^hBifeteaeded attetk on 
Googlte and more tham twenty other conrpsaTTees, witttn tlhie goall of access nrcg 
souira® code and gatHnsiircgg inftjitrmatoon about dozen® of U.S.„ Chines anrcti 
European users who weir® advocates of hurawi rigthtte in Orirree./A 
comfoi'nreatomn of encr^flJtorari, stealtth prognsammiTiigg, and expltotteibon of a 
prewbud^uakrtemrovn (“zetre-ctt^yf) vulbms^dctilityy in Microsoft Irntterreit Exploiter 
allow®*! hacteBS entire into two Grnaill accoiumtfe?, but GooglteatAmras the access 
was lirrmitfeEtd to accoumtt infomrrEabjan rather than actuiEte ernaiil contentt. Upoim 
investficpailrigg furttwr, however, Googlte disooxesedd that hactees had 
successfully gaimetl entity into targeted Gmaill accoiuntfes via phiisHrimgg scam® 
and mataane on the users'' compitfeess. The attest was temtteahrefyy lintati to 
China due to the press-rose of an obsounee algoirittfum in the mall*®B?, whiiiHn 
had onlly beem pubiitetedd in Chineseaarraldwaas virtuteltyy unforran/wn outeictte of 
China- 

Ref ereiinass ifn the malta'ee to a fille follder named "Auiromsa"" earnrenti the attetek 
the name "Openoatronn Aurora!’" The incident has resiuitteti in consiottera&tee 
contenrttaxnn betatsasn Googlte and Chirna, witHn Googlte refiisngg to contifruse 
censcHirhgg certain searteti resultes on its Chimes®ssaarbh engine, stafrrag 

“ ...these attteolte and the sunxteiltacee 
1M they/ uncovered-ecOTiitoibBted witHn 
attempts over the last year to 

tfite weh 

in China indLudirgg the persiisttertt 
blodlfirngg of webstfess such as 
Faceboolk, Twitter, YouTiuitae, Googlte Docs ante Blogger-hhdd led us to 
condlMtes that we coulbb no longer corHSiruffle censonfigg our resiultfes on 
Google.janrV" (The Official Googte Blog). On March 22nd„ Googlte anncmroeeti on 
itsHdtigg that users visiting Gocgjte.cn are now beirrrag rediteastfedd to 
Googleamrnhhk, when® the*' willl reoawee uncetraaredd searaHn resifts, and 
whitettn wiill “rnresHnngtfjifiUyiy inoiffiEEBse access to infoirrradtoan for peoplteiiin China."" 
China maiimtterras that its Intemtet safety politcyiss trarm^ja-BEitit and con$fstteiti.t, 
and resetntfes the U.S.’te accusatixDin that it had any partici patitem in the attaftt. 

Operattan Aurcma seraes as a cogent reminratter to the generate pultsllte to 
remain dilirgertt on pataHrirngg. Microsoft issued am out-crffblaadd (outtectte the 
nonnntel schedudte) pateiln for Aurora on January 21, 201®,, but as woird of the 
Internet Exploiter vullmetetlilitisty spread, hactoss scramrtbtetl to expHdtt it befcnee 
users wer® pnotesolbdd. It is thentefrree cnunidl to appllyy pateHress as soon as 
possilWte; JSOffi: relteaBsssWIPHs for softwa-ee pataHnss resdWrrgg vullinsndtltlHittes 
witHn a CVSS base score of 7.® or abowe (as deterrmiirriedd by the Natorrete 
Iimstittilfee of Stairrattedis and Techrtotagty), and sets pateHn impltemanfetibon 
preceottsroee toedd on public explldttetoon of vulhna-airftlitifetes, if appllosftMe. 

ConfcrttsMto'mg Sources; TPtne Official Google 8/og,;Wiired.<n5m 



* * this dotutfn&nr is intendtedl for Departmentlaf Jliatfine /nte/ntraVI use only and is net to be 
dlstrlbmiliedloutside the De<p®if1meei&.tt** 

QoefitAsvtfis regarding this Bulletin or requests Tor permission to redistmtw/fte should be directed to; 

JSOCTteOdieERT 202-3075332 2 


What is the 
JS©£ Newsltettfee?? 


About the JSSKE Newslkatfcer: 

The JWtaee Security/ Opeitetnunas 
Center (JSOC)) News Yaw/ Can Use 
Newsletter stmwess to protean 
readtees againreSt Interrelt cyb©r 
titma95afes by keeping titnsim up-te>eMee 
on tte latest security/ issues, 
vultro^tlandl compMUter user 
tips. The ttimetefcs we adkdhasss aifettt 
yoiui daily— at wort^, at hom^, andl 
virttubiy/ every/Mrteeee in between-aadd 
we prowidte ttte infotrrrraaition youu need! 
to know,, in teitrms youi undtei^tanold. 

If toeree is a specific: topicc youu wcwittl 
like to seeaflssosseddiriineB fuSures 
newsltetfeer, please email I Jennifer 
Jones at ienmfer.ibnesSti&igttahoev 


Cyber Awanaaroess Tip 


A pasavortidiss often the onlty/ bartiife 
betsmsan ottnetr compwfer users and 
your personal infonmaaitjon, yet most 
peoplte create passwordds based on 
persanfel infatirmatoon tttnaitt coulld be 
guesMod or easiiliyoraafctafcd by a 
hackenr. Follow thiffi®£ tps to create 
tHne most effasttvee passararctl: 

• Do not use a passwwcfci based on 
personal I or easily aeceesblble 
infarmteibon. 

• Do not use worotfc tha® can be 
foiuimod in a didfiiirrafflyy of any 
languiagpe. 

• Use a comtiifraaition of letfes?, 
numtliffl-® and special ctaraatee-s. 


Source; www.US-CEMr.gov 



VPR Aleirtfes 


Secunittv Advimpries 
Montitrltv WramitUp 


Green Tip of the Month 


Enengy-fEftciraetit LigMtrajg 

Replace incanrattessoiht light butt® witln 
comtpHrtt fl«Mr®sffi®iht light (CFL) or light 
emiittfrgg diodte (LED)) bmittss, whitilb ghie 
off less heat tharm incamlteEeetSaraahd 
last longieir. 

The Daily Green 
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DOl Cyber Security Confenaarreee Recafp 


The 201® Departunertt of Jusfose Cyber Security ConfeieraeeMasshbldd Febnuaiyy 2-3, 
prcwims our largestt turmrauitt yet. This yeaiffe thorn© was "Keep Our IirafeimaJibon 
Secur^"aanoldctiS6QQS6d:d new Departmentt security inillitahreeg, emeitgjmgg tedhrmoMigipes 
and security capattrillitiBas pilrattod by DOJ Comprarnwrlts, as well as futures dirffidtoin of 
the OffkiE of Mlanageirmartt and Budget and tlhte U.S. govemrrrent.t. Thank you to all 
atteirttess— particEuJtertyty voliumtfetess-- who helpsd to make this^ffieefe confeiamee a 
success.. Please remetrmtiDfflr to filll out your attenuates survey so that your feedttaolk 
can help next yeaiffe pnmpcam. To requestt a specific topir be covofej in a 

futures confeiame<s, please emaill Jennifer Jones at ienirrifferijdoas3@g)siddiodaTOv . 

AddittcwT^yy, CompsumaartSs willl have an opportunity/ to showsassas their own security/ 
advamoBESs, measures® and programs at next yeatffc confeiamee; Infetmtaibon 
Technologic Security/ Staff (fTTSS)) willl call for abstnaotSs duririrgg the fouirtth quarter of 
the year and notiifljy CompranrantSs of their seledtibon shortly thenatefter. 

Security Awanearosss Tip 


Google Image Search Targeted by Falk© AV Attacks, 

Antii-Viituiffi fakealerte-pfprfmiyiy warnrirTtgs that appear to indicate a virus scan is 
rumming on your computer and therm insist you puirattssse a pradunlt to rerraross the 
suppaffiffid “infeiteiaanftearan now list Googlte image seairaJtn as prey to theiir attacWss. 
Until recently, FakelWfe were primarily located mm Trepan Horse appliKattoares; 
howenfflr, due to the success of this parti mil tar atterik, hackares have now mogntated 
fataaltates to browrasss. 


See fullaiaaiinaroe 

267 x 400 - 2t k - jpg 

Image nraybe subject to cmpiiiricgttl 

Below is itte image at: *** kh. it ( j 


^ . Warniiiqp lYiamr computer containJ 
mates*prograrm.presence. Yourl 
viruses cheddl System SeBurttyurfl I 
seething) of your PC for viruses anJ 


As discussed in a WebrooLcom blog,, atm 
image seairafh for a teltewssaffin actuate 
yiidbfeti phoiuyy image links leadtag to a 
suppBBHti Micrasmfltt Intemtet Exploiter 
"waimrihng)'" whidln stated that the userife 
system had been compioanniBedd (the typctal 
Fake KU baittimg tacttii)). StrairgtatY, the 
Googlte ssaacbh pane remaiiTES at the top of 
the page, whilte the fakeallentt runs in the 
lower section (see irmagja at left)). 


oic | caneq Once the user clicks the fakealtetl, a roguire 
antiwiruss (wiitlttn a name such as 'ToteI 
”Security’" or "Secuirityy Tool")) hides the 
desktojp with its perwitaiBedd wall||^irar, inteiffeess with the userite abiliityy to right- 
click theiir mouute or use its scrdll wheell, prohiHbtfes applicteiniciBs frown rutmirirrag 
(inaJUfUingg Intermit Explorat), and blamasB all of the prolbflsras on an infeston witttrim 
the machirree. The purjpuaEe of this elabotebe Fake M/ or "scarewteee attack!" is to 
conwrrcgeuaeers to spend $50 to $9® on bogus antMroas soft»aee, contutiluiiriigg to 
the miHIttnss of doltenss In profites generated by thiis scam to date. 

If you encounter a fatesaHatt, hit Alt-FFtt, whiiuh will I imimedtatesly killl the browssr 
(Seteslt''''£aiTOEel" if a dialog box appeal), to avoid ^—- ; — 

gniifflfetifeha^iy diwmte&fihgg matoare?, and §§R(atat tooj 

your Competitertlds IT securiityy staff right away. * IPO* 

Reference: Web/root Threat Blog * _ 

doewnertt Is Intended for Department of Justice internal use only and is not to be 
distributed outside the Department. ** 

regarding this Bulletin or requests for permission to redistritarfe should be directed to: 

JSOC/yOSQIJRffiHT 202-30S75S322 
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Visit Our Website 


What is the JSCXC 
Newsltasttfee?? 


The JiiSteee Security Operatt rasas 
Center (JSOC) News Yinui Can Use 
Newsletltteer sbiiiAees to protect 
readess agaiiiratt InteTtet cyber 
thiteaifes by keep tag therni up-todtate 
on the latest secuirityy issues, 
vulhteBhBilftass, and computer user 
tips. Tte thttraafes we addire^res attest 
you daills^- at work, at home, and 
virtutaiy/ eveirywtteeee in between— 
and we prowblte the infonmrtation you 
need to know, in temnsB you can 
undetistterold. 

If theiae is a speuaffitc topic you would 
like to see discusssiliiiina futmnee 
newslleltbEr, pleas© emaill Jennifer 
Jones at ieniniferidiiMitStaxaRrtedloi.Qov 


Losing) a laptotfp or PDA means not 
only losiiii® the madtrirree itself, but 
somettrmes the infonmalibon on it. 
Follow the tifps beltaw to minimizBS 
darmagpe: 

• PasswondJ-protect your computer 
or PDA. Alsu, wherm entering your 
password, ensiuras that othfflBB are 
not able to view it by "'shoultifer 
surfirffi." 

• Do not leave yourdexioBe 
unatteroteeld. 

• Dowmfldtay your laptafp or PIE)9(\- 
avdblj usin§ it in public iff parasslDtSe. 

• Backufp your filtes. 

Source: US_CFRT.gov 


Difedh Dixies Cups 

Rather than usingi a Dixie cup each 
time you make a trip to the offtee 
water cool let, bnim® your owim cup and 
encmirEHjpe collteagiffies to do the 
samre-itt saves loaote of paper! 

The Daily Green 
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Security Awanaeraess Tip 


JSRA 

JSRA is aaVirttu^l Private NetvwmH< (VPN) whiidin prawicbtes a secimtee and encr^Pfedd 
conim©atimn to Departnrrartt of Justites infoimrreatnxnn resouiroess viia the Interimat and ii 
part of the DOJ Disaster ContimgsTwyy Plan.. 

• Whetm utilliziiigg tttne JSRA netwcahk, users showibd folltaaw best prastfckfis, 
DOJ Securii$y Orderr 264KB2TF, and) DOJ Genetel Rules of Behaviisrr 
FYKffl. 




jjlj»BKjl j fe 1 1 


DOJ guidralirraes for JSRA usens: 

Do not connetflt persantel compjittess to the JSRA Netwwrtk. 

Ensure the comfpuittetes softaate is fulllyy pataHnsti and the virtue pr®teflte«n 
defiirmttorass are up-ttocttofee. 

Do not use Peer-toFterr (P2P)) fille shairirrog on the intemrat, such as instamtt 
messaggrrag, SkyfpH^, BitTenrEffitrt, or eDomH^, etc:. P2P is 
forttDCfettoi thiwaigjtrault the Departrmant unites a waiiwar is obteitoitl fr<5WP 
th© Departrreffrti'6's CIO or his desigrreee in each CompstTOTlit. 

Use only author rzedd thwnnrfti driwess and disfetttes, only dowrdtaad filte fnswn 
known and reiyUte souiresss, and empfayy virasotteekkigg taslte prtor t© use.- 

Do not allow famriiyy memltaiss access to your government!t lapfopr 

Goverrmwrtt laptapss are only pernrniitteeld to connectt to the intewtet 
thircmgtfh the JSRA netswrartk. 


EX-wn p+-.o n 

ft (E)> 


Visit Our Websit 


What is the JSCXE 
Newsltettfee?? 


The Justttee Security/ Operattewss 
Center News Yasui Can Use 
Newsletter keen® readtees up t® 
date on the latest t®nSc©?, security/ 
vulhnsatolditifess, and computer user 
tips to hefo> protest against cyber 
thireatfes on the [mterreet. 

These thnesafes affcflt you evetrytctey in 
every way - at the office?, at horns, 
and in betswesm. This is inffflnrmatoon 
you need to know, written in term® 
you can undostaidd 

If you have any suhjtetiS, or ideas 
you would like to see auMessedd in 
future; nentetettete, pleats® eroaiil 
Curtts Johnson at 


Cyber Awareness T|p 


Malwnanae Campaign Disguiseeld as 
Swiirmae Flu Messages 

This cararpfflggn sends e-nrall message 
contEBiritigg infomrafliaunn regandJihggHHlNIll 
vacdMtoon prog/smss, puinpnrtiirigg to be 
frtnrm the Centers for Disease (Qsmttobl 
and Prevention (CDCJ.. The fate 
messapss attempt: to enttcse recipettSs 
to clidk a link to a imaliciiouiffifilfe. 

Users who click on this link may 
becomre infected with maltaOTEe. Public 
reporttfes indicate that the message 
contain subjpitBs indwcHrcigg 

"Govemmeratabl registtBStjon prcrgtam 
on the H1N1 vaoditiHttdiinii" and "Your 
personalvaaciriatidron prolflte':" SubjjesJt 
lines reltoBEfcl to this maltaHise campaign 
wil likely chan^ over time. 

Click here for more infotmrrasiban. 


dvvumcnt is iWfPhlthtiffdr Ihporrmrn! ofjuslise inOmmil Use only and is no I to he tHstrihuleid .oniside lhe - 

Qwh's’liiWs H^dhUlhgtHiSsWMlilin or requestsjf&r permimiomtDi'ediUatrtihu!el$foti>Mld<f>didiceefPfi>!o: 

JStJC/DOKEEHST 20QB00t55332 



Don't Duntigp, Donate 

The next time you upgjiadte somettirrgg,, 
can no longer stamp the sight of 
sometHrirrns hidesuss, or simpyy need to 
dowmarse, thiiirtk "dorredbS" instead of 
"dump”' 

The CQa'tly'Bceen 
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Security Awaneaiwss Tipg 
Hiddtem Dances of the Weto 
Social NetWtfTKftMQg 


• Enables quick,, efffcdi©irtt 
comirmuTTKD^ition 

• Netwcrtk witHn frtaittts, cowentoE?, 
fritemotte of fnmnfte, classmate?, the 
woirtbtl... 


Con 

• Wikdte usenttesse promotes atJnantbree 
tarcpstt for attolteiES 

• Can uninteTttnxnatiJIy leak sensiittvee 
infwmrredtoan 


Facetosxstk Targjsttngg & Exptoiteatoon 

• Faceboffikcliaasaa "search by company" features to altaw netaMSrttohigg witHn 
cowonHesss. Over 50® praffites witHn DOJ listed a© empll®$©r on Faceboetk■ 


• Allow*® advensffraes access to your pmtete lifesarcti infonrmatoan that can bf 
used to targett DOJ persomrefel. 

• Your Ml name can be used to craft taircpateld e-mail mes^gjss or for other 
nefairrdms puirpnssss. 

• Faceboalk disaHdted nurmramtss fate praffltes that indUctted s link to a 
purpartteld vide© but whiidfn instead dispHs^/yeeid sb fate antfaifcias alertt. Seam 
desiigjrodd to get credit card! infotrmtetoon frown victim® for identity/ fraud 
puirpcBsss and instell spywsree. 

• Mitigtetdxnn: Don't incluwtte place of empfetytmsnt on puMtd pr©fiifes 
Driwre-tiyy Downriknotts 

• Downlteffltiiiigg maHiricouss softwfaee witHimitt the usetfe knowlted@e by 
expltarittmgg a weWdmsdd vullimsiatiijliiltiyty 

• Can occur whilte visttirgg legitimate websittes (Faceto3Dkk,p®e£eoalals, 
seardfn engines^) 

• P<s>§@§ security risk to Departmentt by givihreg attedtess rermstte access to 
system® 

• MitijQg&tnnin: Limit personal use of the hntterr«t white conn^flfedd t© 
a DOJ system to minhmece exposure 

Cenfr/bufw® Source: jSGST CyberFest 2009.: Emerging Threats Presentation 


Qu&tiitjnsi'KgfjOBlMRghhiiliiUl'U’nin or reqaicMsJfcurp&nmisstovtiVii&d&filttihut'SlfboMltl bp 

JSOOD88UBEERT 202-307-5332 



Visit Our Website 



Newsltette?? 


The Justice Security OpeirattixuBS 
Center News You Can Use 

Newsltidtfeerkeep® readers up to 
date on the latest tajpc^, security 
vuihteBarisitites, and computer user 
ti(P® to hdjp protest against cyber 
threats on the Iimtsnrrtet. 

These threats affeflt yonu everyday in 
eveiny way - at the offitsre at home, 
and in betweren. This is infssnrrraatoon 
ycwu need to know,, written In tewrs 
yoiu can undtetetadd. 

If you have any subjects, or ides® 
yoiui waul fed Hike to see addicted in 
futures newsHfitfeess, please entail 
Curtiss Johnson at 


Cyber Awananeess Tip 


DOI guidfedinees for JSRA users 

Do not commiBEttppeisDalal computtess 
to the JSRA Netweritk. 

Ensure the computedds softwares is 
fuil^y patetedaadd the virus 
pretteitidion defiiirittri*naaBB-e up-tto>- 


• Do not use PeOTT<tePeeetF(2B)PJil6le 
shairirng am the internet,t, such a® 
instate mes5a®iTH,SMytcpe, 
BitTomrertt, or eDohtey/, Ste- P2P is 

expirasE%f(fijjibcfefBn thwucfftawtt the 
Department)t unless® waiinar is 
obtetietU franm the Departmentit's CIO 
or his designeeimffiEBithOaiiiiiippoeietPt. 

• Use only autttoraeeldtthunrttD drim^ 
and diskettes, only dowmrltifflttfiftles 
franm known and reliaibfessmninees, 
and use wmsebhelchggjipntmfedeses 
prior to use.. 


; (JSOC) 


UtPdadBc fJSOO 


Tunm your computer off at night 

Shutttrrag your compwtter off before? 
going to bed eadtn night wiill save 
an average of $9ffl worth of elecWiMti^y 

per year. 

The Daily Green 
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SqflB «M »e BOMB 

Security Aware#n«ss 


Five Ways to Meet CompHerroee in® Virtual I Environment t 

Five steps for securing; and lodrintg down virtuedl enviiramrrarat&s and meeffingg 

complEaraee reqiuihEerrentas: 

1. P ta U ffo nnffaaddBimigng Configures the virtui^lzzatiom platfeurm, botttn the 
hypeiraisDair and adnmirrisataJibis'e layer;, witHn secure settings?, elimrintafee umueetl 
compenrejMs, and keep up-t5>ctote on patoirass 

2. ComffigxncEttonnaiMd ChangeNtenggeiCMfn-tExtBircti your cunremtt chaimpe 
and confi®irBait)Qn managenrreanit prratEsssBssaadd taxdte to the viirttudl 
enviiramnraeitit 

3. Ad/m imdtal fere eflccess Cmrt to i 6 l-Server admimtetaMscffs shomJht) have contoM 
over virttidl serwnss and netsnrartk adnuinriPtabtats, over virtual netwsnlte?, and 
th®3£ adnrririristta&fciB's need to be trairreEtl in viirttuditjatibon softowearee in order to 
avoidJ mSsnorTrffgparitian of systems 

4. W«ftw«»MSecw%aiid Segenmitbaitoon Deptayy virtual swiiitetfessaadd virtual 
firewallte to segmeirrtt virtodl netwntte?, and use your physctsdl network confncd&s 
in the virtual netaweWes as welll as chamtpe manageimeant systems. Be suit® that 
machihress handllrrag proteotfedd date are isolated), catei deptoyy virtual ID&jF?&©s 

5. AutfitLogging- Monitor virtual infraeataattee logssaritl comtetefee those logs 
across the phyaaail infrasCroctilicHre, as wellll, to get afiuJII pictuiree of 
vullirrffl^dijitieBES and risite. Adapt autormratfeeld todte and SIEM systems to 
integicdtee logs frorrm bothi enviiramrreeWs 

Contmfouirtrrgg Source: Dark Reading 

Computer User Tips 


Pa rente! I tips to keep chiMteen safe onlftre 

• Keep your computer in an open area 

• Set rute and warn about dangers 

• Keep liras of comnrruime&bon opem 

• Consiioter impfarradilriigg parental contotis 

• Consicterr partittamriigg your computer into separatee accomtfes 

Conbmfaiffirrrjg Source: (US-CERT Cyber Security Online 

Keeping Laptops fromn Getting Lost or Stolen 

Keep tlto^e tips in miirad whem youu talk® your laptop out and abort: 

• Treat your laptop likecearlh 

• Keep it locked 

• Keep it off the floor 

• Use a non-dtesmTiipt carrying; case 

• Keep your passworretts elsewtfnsee 

• Password; protect your system 

• Backing} important date beforee tir^^ilhgg 

ConWfetttrrgij So urce : StaySafeOn line .info 

To view the latestt JSOC MontHi% WrapTlfp, visit our wetbsitte afc 




* * ‘tittVUM&t t is ivto&nUvUjfinr Dvpattmetkt ofJmsiiuceinMcnnblifUsenlply and is nfft Iff be d&trib#ted(fWi$d4ffKb<DtyfiflWifPhf. nti ** 

Qu^immfVggatliiiflglthiBBUilinin or requestsf«sr pennii&itan Iff redti^thutestfoitfJl<ib®dV(#6fPdi!° 

JSCJOMMIEEffT 202-307-5332 


Visit Our M/etente 


What is the JSOC 
Newstetee?? 


The Justfee Secuirttyy Operattawss 
Center News You Can Use 
NenteHteerkei^ps reaatess up to 
date on tin® latestt tapes;, security/ 
vuHraa-EUflililiEes, and compuitter user 
tips to help protest agaimtet cyberr 
thnteftfes on the Wterrte.t. 

These threats afferstt youu everyday in 
every way - at the offitj®, at horn®, 
and in betweaun. This is infamaJibon 
you need to kmmw, written in tenures 
youi can urParteteidd. 

If yoiui hatfffi any suppetts, or idea® 
you wrauJttl lilte to see adfctfesseeld in 
fuhrte newsltettesr^, pleas® email 
Curts JohnnBDn at 


Cyber Awaneeresss Tip 


Prodeaxtbrigg Your Date 

• Use and maiinrtteiin antiviiaas 
softwaree and a fiiitaa/vtelll 

• Regullatyy scan for spywarce 

• Keep softtwffl'ee up-ttoddtde 

• Evaluate your soffcwace setttrrags 

• Avoid uiroiHiHtl sofitwOTce progreanss 

• Create separate user account fes 

• EstalUlt&h compuitter use guidteiiiraes 

• Use passjwsrcBs and encrypt 
sensittvee filtes 

• Propentyy dispatHE of sensittvee info 

ContribMtmrq) Source: US-CEMTgaw^ 



Module (JSOC) 


Say No to Paper or Plasttcc 

You don’t havettD waitt untllgrooeeyybbggs 
are bannmii: Say no to plaster or paper 
ones now., tinstaii, bring your own 
reusable shopping) bags. Consider an 
enth® set of reusable, doubite-hramlHeld 
hemp itna^ that work greatt for a large 
order,, and reusadte oir^mritecatifttonnneebh 
bags for your frunitt and wjgjiitdbtes. 
Remembfflr: BYOB (Bnrmg Your Own 
Bags). 

The Daily Green 
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Security/ Awanearcsss Tips 


DOO Urges Less NetwarMAnon|frm%,Moie PKI Use. Black Hatt20dD© 

l$$ VEGAS -- The age of netwntk anonynnrityy may be cormiiTCB to a close, 
accord!mg to a top defense official chairgted witHn cyber security. The Unitetl States 
needs to be more agiilte iirm defeiroBifrgg against atttetes fronm cybenraiiiirimatels who are 
constantly infilfteaWigg domestic: netwwnfcis?, said Robert Lentz;, CISO at the U.S.. 
Departmreerlt of Defense, during} a keyimntte addnesss to Black Hat USA 200® 
attenttees. 

Lentz said the govenrnmrwrtt comtirrmes its reseanotfi into attadk surffeiBss to prodtiicss 
an agile, dynamic defence capaHdte of not only detedthgg but being atislte to taite a 
proaetiwe role to prewsntt futwree atterite against goveimrrrrantt infrastanttrae betase 
they happen..'" Itfe alii thn^eoted in this area of driwtrrag anompnrifyy out of netwrartk”" 
Lentz said. 

CamtmlMfltomg Source: rnformabiom Security Magazine Online 

To view the latest JSOC Monthly WrapKJlfp, visit our website at:: 
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Visit Our W 


What is the JSOC 
Newoltette?? 


The Justice Secuitityy OpetiatanBs 
Center News You Cast Use 
Nemraitetter keeps readars up to 
date on the latest topics, secuirityy 
vulkrsrsfcbilitliBS, and computer user 
tips to help protest against cytar 
threats on the Interraet. 

These thmafes affeat yssuu evenydiyy in 
evaiyy way - at the offfiite, at horn®;, 
and in betafflen. This is infotmrtetion 
you need to know, written in terms 
ypw cairn undenatoold. 

If ycuu haws any stip^ute, or ideas 
you wcuifcU lik® to see addresssstl in 
future newsltettfeess, please ermaill 
Curd bs Johinsnm at 


Computer User Tips _ 

Sociall NetiiHDtlMg^ite TwitterOffline, NiUmns Fru sH/ r aftat l a ndl Lost. 

The popiuilbBr sociall netwenttargg site Twitter came under attedk Thuirstttgy August 6, 
200® and was out of sereioss for the better half of the day. Sereideewaas eventutetyy 
restated by late that evening}. The site was cormpteb^y inatKs^fcttte for all of its 
users anrcti anallyatfes beliiexee the denii^l-of-sswraee attedk may have oiigrredfedd in 
Russia or Georpi®. 

Sociall netwarhkiiigg site Face book and seanritn engine giant Goog/e feitrateJ off 
simitar attetete on Thiunsattgy as well.. 

At about 10:30 a.m. E.S.T.,, milllhnss of peopte worlbtl/vw&e receipted e-mreall 
message contahringg links to Twitter and other sites. Wten reciipgrrlSs clfcteotf am 
the linite, tbbeee sites were ovetiwUterradd witHn requissSfes to access their servers 
causim® rniffiravee netwaahk traffffoc that created the denial of seracee. 

Confcr/itoMfcimg Source: The New York Times Online 

SpawnmBKsExptoftrrtg Free File Stwageon Wefosrftes 

Autamtoted account creatfam expltoiit lets spanrnimeBS hide behirretd legitrrrsafee fill® 
steta^ serattss. An unusutel attack tedfrnrigtiae has enaWtetd spaimrntffss to 
disthtfeuiee more tharm 1 million messfflpss an hour usiim® legilimrtafee, free fill® 
storage serwasess avaiitetifee on the Interreat. 


In a bio® publli&tted eariiiier this week, AppiRircer, a securiiltyy seroibses promoter/ 
deseritote the unwstel appiramBDth. In a nutsHtelj, spamimreess have created an 
automat ted mettati for creating} accoumtfes iiiri popular free file stores str^b^s-- 
indtoilhgg groups.yahoo.com , groups.google.com, and livejoumail.comi - and are 
usin® those accowmtte to host theiir spam contenrtt. The use of these slt^ mafc^ 
th® spamti appear to be legitirrtefee, thuis enaMIrrgg it to byps^ commend}!/ used 
bladWlESfes. 

AppRiwr has twtetted its own deferraass to detect the new spam attojk and bledk 
it, but fifacUtidoabl spanrn toilte that blackllESt IP addre^ess or dontairTK wrlll not bledk 
the new attette. 

Contribmtiw^ Source: Dauk Reading Online 

**Thh is <Hh'tvdrilifitr Depunummt of J**aiu<':iniTrmtii:u\cwh!i and is imttwIbedditiltdiwlPdiaMffiidRdk&fldfHteitpent;** 

Questiiom iKfgtrddigglthislBiMtiin or ft quest* prr'mb'.iufrtli > > nlhln'Hnii’ Iff: 

JSOC/.iDXOirffKRT 202-307-5332 


Cyber Awansmess Trp 


Usim® CauCiun wHHn Email 
AtfesdtmeaPSs 

Tate the follbavmgg ste|ps to prpfisxt 

yowir^ff and oth«® in your addtrasa. 

book: 

• Be wary of unsdlraffeeld attfearttmeants,, 
evem framn peopte you know 

• Save and scan any aUlaullniMrtSs 
beftmaeojiipehrigg thennn 

• Turrn off tHie optSdm to autsmatoaB^ly 
domnrlteatl atteaPtmeeKs 

• Consiidter adsUttawiafel security/ 
praitteBEs((iee,., fiitaa/rallDI) 

Cont/ritMi/abq} Source: UZIS-CERT.gov 


jaws (JSDffi)) 
OSX (JS035) 
(JSOQ) 


Greffiririrrtg the Commutte 

American worteBS speiudi aar average otff 
47 howss per year connmutbiigg thnoouph 
ruslln hour traflffa:. This adds up to 3.7 
billinm hours and 23 bilnm galltnns of gas 
wasted in tr^ffee each year. 

We can ease this stnarn by carpraxtiligg, 
talkihg puiWIiE tranrstf, biking, waltkmg, or 
a creattvee comitarnaiiban thenfflsff 
Consiiater car alterra4ities;s, such as a 
hytartt) or eledrrte vdtriatp, rmfltocy/tbe, 
scooter, or usiirag a car shairingg s^vioee, 
lite Fiexcar or Zipcar. 

PianetGreen 
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Security Awanserosss 


Incident: Dashboards are now available to Com/pammr6x through JHBEKSs 
Remedy Web Portal 

Compomfflirtt sped iffcc Iratiotatt Dashtoffiffl-dds, avaiitotote wi#in aJSOC Remecdiyy Web 
Portall accoiutot, prcwctee Comprarortfes witHn an easy to undenSbandd grapttoil view 
into their indsteiitt tidkett state. The infwrmatoan disfplfe^eeidirrotiJiddss total 
inckfemtts Ofp®n, indatertts repoirteEfci by categjcsnyy frmnm the pnewibaiss month, and 
reaNtmae op®m and closed incidenitt tidtett information by catepDiyy for the cunrenrtt 
month. 

The Inciidemtt DashtaEffdd is accessible by clidhmgg the dashttaBrdd button at thettxpp 
of the JSOC's Remedy Weto Portdlfe navitpatann bar. 

For more infmtmtatoan about your Componrortt spedfftc Indctertt DasHtaadd, 
contact Curtss W. Johnson at cudtjgwiribh$req®(3kJs)tioMiov . or visit our websites . 


Guidelines to follow when publisMmg) informatfwmon the internet 

» Be careffill what yoiui post to the intemrait. Make sure youu are comfawte&ihie 
with anyonr® seein® the inframrtetion youu put onllinred, became yew don't 

knew willl finrafi and shaire it witth the peoplte they knew.. 

* Ktalite that yowi can't taitae it badk. Once yow post sometttinrgg onlinre, it is 
avaiitetite to other peopite and searatfn engirress. You can change or remw^ 
infomtetaxcin after sometthiirgg has been posted}, but it is possiibite that som®sn^ 
has already seen the oriigjrradil veraenn. 

Source: USCBRF 

document is ivtmntteUfm- Depmtttmettr ofJmduee intermil use only and is not to I* distnbttled outside the Department, 

QitC'Jtrdks iddgifrllmg tikis ®uMdiititorimtfuests fonptmmission tea imthslrihute should be dbmntsthlQ: 

JSOC/DOJCmSTT 202-3W7-SBK 


Visit Our Website 



What is the JSTXC 
Newsl&tbe?? 


The Justibse Security Opeitotamss 
Center News You/ Can Use 
Newsletter keep® reaatees up to 
date on the latest tapiess, security 
vuUms-ettliteBjs, and computerr user 
tips® to helip protest against cytosr 
thresafes on the IimterrBt.t. 

These ttatefes affedt youu evaiyttyy in 
every way - at the office?, at home, 
and in betweasn. This is infanrmaitjon 
you need to know, wriittten in terms 
youu can urotetotadd. 

If youu have any subjjaats, or ideas 
youu wouiUd like to see addtessseld in 
futures newsltottess, please email 
Cunts Johnson at 


Cyber Awansaroess Tip 


640,(000 New Fake AntiM/rces 
Variant fcs 

Reseanxttess are expedtiiigg 64ffljfltt0 
new vairiEBrrtts of the Fake Anfwiioss 
(Fate AV)) maHmsaee in the third! 
quarter of 20®®. This inarasBSBa is 
due to the ease at whctti Fake AV 
campaaggiss can be desjqrrectl and 
distnittatedd when compEaedd to 
banWarrjg Trepan atteofeiss wltiirihi 
requires praffesHDoabl progjiannniBtos. 

Source: Dark Reading 


(JSOC) 


(JSOCi) 


(JSOC}) 


Green Tip of tlhe Month 


Select 2-Sbtfeed Print rrgg 

The U.S.. alone uses44 miillam tom® of 
copy paper annuitotyy, aboutt 27 powiirotts 
per person, wUridtti accoiunrtfes for 25% 
of all landfill I waste. 

Source: Tlflns Daily Green 
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Security Awansraess Tt 


JBSHT^ End off MomftfhRejpamtt 

The JHKHT Moim&Mw Wrap-Up prmictes an end of monttln sumimrayy of JSOC cyber 
threat activity/ highligj+tts, VPR alette, CTAT bn^frrags, user awarerosss 
publlceatoaBE, and blmkeeti donmairTs?, ermaiil adcta^, aamti IP addnesssss. The reportt 
also OTitbariiesaan incidteirtt dashttana'cd that brealte dowrm indidente by category/, 
prroicbfess furfter anail^sss of Malidbaps Goatee incktortEs (ttfre Departtm®rrt'fe's most 
idenrttfifeeld threat category), and indbuttss a list of the most poputer intemreat hosts 
visited by Department users. 

To view the latest JSOC Mlonthlljiy Wra(pdl]tp, visit our wetosite at:: 
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Computer User Tip* _ 

CytorCrinuiafteRoll Outt Fake NionradftPatdii NtdlwareeCanijparggjns 

Be on the look out for the folllbn/wiiigg malwaree carmpsicgras desicgrtati to e mud latte 
legitirralde Microsmfft (MS)) updates. If yoiui encounter any of these updates at 
work, recontd the URL and notify/ your IT Security staff as soonr as posstotte. 
HomeuErasssbbddld only accept MS pro^tEBm updates thraugjfi Micrasoffb's website 
at www.teoxoQErftttgDrnm . 

• fm ptertftjen01Wiuvttnws XP/Visfca Secaarriyy Update: Ths fake update is 
often sent via ermaill witttn a fate Conffcter renneteil todl that can often be 
identffedd by Confidtear beim® miis^tellteld eas "Confllbftef". 

• OuMnrik Re-Con/figunaStoorCarnvyMr'rgri: A fake Outtafk Update exeoutHrttee 
file (outtbnH<_uppldea:e. exe)) is beiircg posted to legiimtafee webates that have 
been cormpiamreedd. Outtarik updates shoiultd only be perfermedd thrauigfh the 
MS wetette. 

• CrttftcMI Oufltadk Update :Thii$ thincd malweate attedk shoiuibd be familiar to 
most users te itfe deliwareeid viia an ermaill attedtmnrerrtt (offfctfflcppKlB@9(D022-l- 
FulffffSefflWltlexe)). Do not douitlte click attanftmwrtiSE, espesiEdtyy .exe fftee?, 
offering any type of softeemse update. 

Conbributfangi Source: ZDNet 

AdatermpJenraarttsQiHnterfyySeavirltyPatcJimgj Updates 

Adctoe released theiir first quartetyy pateffn that addn^^ss 13 crftfeal PDF 
vulimstetitides to Reader and Acretett 9, and earlier veraoms of ttfffe sofevaec. 
Adobe recornimeidds users upgraolte to the newliy released $112 vatgran as soon 
as possiifeJte. If yotw are rumrimtg an older version of Acrotoatt or Readet, anrtti can't 
upgrades, visirt JSOC's Website for alternate veteran upgrades- 

The DepartnwA's's IT security/ staff perffcnrros softeeaes updates to your work 
computer, but cheek to make sure your home compiuter is sat to perfenm 
auteffltetfc: updatte. If not, champs this preference^, or perfcnrm a manmudl update, 
ieftwaise that cannott be set to autonrrcataasyy perform updates shoiultd be 
updated maimjjHlIiy on a monttiriyy schedUJte. 

**Thh dmum&ttt is mtmtdUdfdsr Depanttnentr of Jmstica intamui! use onfy and is not to be dititriibntddo0tstdidifhdflfip&ftmffff '? ** 
Questions regandmgtiim Bulletin orwvxguests for permisntm to redistribute should be dfrwtbttftfjQ 

Jsocz/Dojcsrarr 202 - 307-5332 


Visit Our 1M 


Whatt Is the JSOC 
Newsletter? 


The JustiiiEe Security/ Opensatexnss 
Center News You Can Use 

Nem&bitte r keep® readers up to 
date on the latest tqpiHa;, security/ 
vulhnertctilitifeies, and computer user 
tips to helps protest agaitmrt cyber 
tflmtefcs on the Imterrrtt. 

Thirae thiieaaSs affect y«w evetycttgy in 
every way - at the offte, at homres, 
and in between. This is infbnrrraatoan 
youu need to know, written in temrras 
yowu can undstetewld. 

If youu have any sultsjjaDtEs, or ideas 
yew wowJtti lilte to see atdtoesseeld in 
futaree newsltettess, plessss ermaill 
Curttts Johrraim at 


Cyber Awareereess Tip 


Twitter Users Targeted width 
First For-Prrnffit Anfiuirciss Scamn 

The first week of June intncnlilioeeld 
Twitter useis to theiir first antuirnss 
for-flrofibt scarmn promrissiigg a “best 
videoT via a falte YouTwttHswebbilete. 

Thiis is the sarm® antiwiiass scarp that 
has beem ciiranitttigg on other social 
netsuorHiiiigg sites and thrau^jd enraili. 
The scam dineitte the user to a 
maiiotawss site that instelUs the viinuss. 

Contributing Source: The Register 


MS Crittba&l Patches.Jlunae 20OT 
(JSOC]) 


(us^mi)) 


Phantem Load 

The EPA estmtetes consunwss spenrati 
$1(QXJDO(EO a year on eleclnreityy used by 
eleeBromitiss that are tumretl off or in 
stanrati by mode. EPA reamnimedds: 

» Unpllug power adapttess, batteyy 
chaiigpjss and other simiiter items. 

• Use p®wer stnrpss so y«w can tan off 
eledtanitiss compltote/y. 

• Buy pnadintts that are highly rated 
by tthffi fedtetel Energy Star program. 

The Daily Green 
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Security Awaraarcess Tips 


rnterra^Suniing Da/mgsiss 

Cyber atfetetes origjrreatiiigg fnnmrm unsafe websites and enmaiil are 
becoming incretemgfeiy sophfetaaiddd and foairate on everyday 
cornmuntmadban chaimfeis as moire and moire rewaruffie is acqiuifBEfcl. 
Malidbaitscodde's are deswpirtgg theiir wetettes to be exact repllaass 
of legitirmade websites, and therm advertising) these sitewaawebbadslsaadd Iimtesirfet 
searcttes. Fake sea-obh engihrees and mis^felteld websitee domain traffic are big 
busiiim^^, espesiEdtyy in the finrearorahl and sociall netwrarWirigg mairttett, because 
visitorss thiiimlk they are on a redl website and share theiir intantetriran witttnmnit 
suspitaiun. Users are at serteuss risk of encountering one of these phomyy 
websites if they spend time surfing and sharing infotmtetoan over the Intermit. 

The Departmrerrtt willll begiim impIlBTreentiirTraB BlueCoaffM filtess in aennncfeniaee wiffln 
DOJ order 274WD..1M to help preterit its netwentte against existing) thittefes and 
non-wcn+k rellateti Intermit usage. Non-mmhk reliated Inteirreit usage contirness to 
be one of the largest thirtefes to the Departmtetys inforrmatebon securityy. 
Rem e miter, netwnrtk security/ is everyentes resprarmsttilityiy. 

NewrnfomKBtfairPh ishiimg Schemes 

Fake infoirrmatoon gattteiiiigg schemas based on popiuitor topiass, therirress, and 
games are beiimg created by identity thiiroess to enfbss users into entering 
peremfel infanrrradtoan. These typite of groups or diseutearas often requires the 
user to input theiir first pet's name, motttefe maibten name, street addit^s, first 
schooll,, ete. to joiimk/esggiSder befanee the user can participate. 

Disctosihngg of this kind of persomtel idenifyytiigg infotmtetoan is very useftll to 
identityy thiteess as it's the same type of infotmtobion required) by web email I 
accoumfe, legifimifee wetetes, and banking instittitiboss. Be carefiJI witHn any 
personal informteibon as it is very diffbaiJtt and expetmstAee to rebuild) a “dgjttol 
identiidyV'" once it has been comprorriBedd. 

If you encoumter this kind of requiesit for perarotel infotrrraatoan at wortk, do not filll 
in the infomrmitoop; note the URL, and report it to your IT security/ staff as soon 
as possiHdte. Intonrnteitjon solidteitbass receipted at home can be ignaneed by 
closing) the browser windsvw or navigattrrgg to a new website. 



Visit Our Webs 


Newatetbef? 


The JustS ace Security/ OpeiraJtmrss 
Center News You Can Use 
Nem^tetterkeens our readanss up 
to date on the latest tapcas, securityy 
vulhtertsbii^es, and computer user 
tips to help preterit agaihtet cyber 
threats on the Intemat. 

Theaffi t#m®afcs affentt you evetryyiiyy in 
every way - at the offense, at home, 
and in betwaHm. This is infonrrrteibon 
yoiui need to knoowt, wriitten in temrres 
you can undenaStoidd. 

If you have any issues, subpatSs, or 
ideas you wwuJfcd like to see 
addnsssBdd in futaree newtetettes, 
please email Curtlits Johmswn at 


Awannreess' 


Sochi I networkhigg sites are 

detiwwrmgg malwaree 10 twins 
more effeottv«*/y thorn email. 

KaspetsMeyy Uadis's Malware Evolution 
20OS repurtt indatefees that 10% of 
alll matara-ee deliteedd via social! 
netswwrtking sites are suioEffis^tiliyy 

instedtedd onto meitmtiiBte' compittess. 

KaspenHeyy Lab contested over 

43JMDDD maltatoee samgltes fnmrn sociall 
netwrarthiigg sites in 200®, white 

McAfee reprartted 80® new vatti Brits 
of the Koobfecffi vinuss. 

ConbrihutmsB Source: eWeek 


Computer User Tins 


U/pritetteamri Patdn Your SysftsrmSaffibMareeOfitain 

As soon as a securityy pataHn its annanimiBEb, malitriduss codeis are hard at work 
wriirrcg code into their websites and email attertte to expltoitt infwmrrattonn from 
your computer, befottee they can be patoted. Coders haws reduuted the time it 
talks them to write code to explldtt a new vulimeisteliiltyty from weeks or days to 
houfe! Micrraffisfft autonrreStec updates are perifemredd every TuesjftQy in what is 
refereed to as "Pateth Tuesday'.'. The Departmrart'fe's IT securityy staff perfcnrms 
th^® updatess to your work computer, but chedk to make your home computer 
Is §©4 to perfeirm autoirniattix; Micrasnfft updates. If not, change this prefa-erroee, or 
pefferrm a mantel update. SoftvwffBe that canrratt be set to autormatoadjiy perterrm 
updates shoiuJtt] be updated manuidiyy on a monthly/ schedUlte. 

** nmiUncumMt is imanUMJiur Dtputtmeti ofJmdiimaatKnhi use mfy and if net to be dimihuml twfbitk ihe^mlimimt** 
Quesbitimn^utimgitlihisISeHititinmTreqifBttsts fm-peerniisision to redHatntitubshlrmititbbelditotednbto: 

JSOC/DOJCteir 202-307-5332 


(USTEBRT)) 


Junk Maiil 

Each year millltmss of tngass and billltarrss 
of galltarres of water ar® used to create 
ijuunttc rmaill. To be remrcBAeeU finnnni the 
natitrrraiI maiilh® lists- send your 
name, addiasss, amt signattuiee to: 

Maill Prefeira'nteeBSBricfce 
c/o Dinssat Marfetbiigg AssodPtoran 
P.O. »5>x 64$, Canute,I, NY 10512 
Source:- nationalzoo.sf.edu 













AfxH/ 20 OS 

Security Awansarresss Tips 


CtmJfick.er Worm 

The new version of Confiottetr, idemttfiield on April I 9, 200®,, attetmrfjUfes to 
[fj] insitell new malliiriams cod®, scans/waee, and W&teteac J. Dowirraotlifp onto 
Vr infested compuitess. Thiis new veradm is esperitetyy dangetouss as ttesee 
softvfiffBS addittams are desgjrodd to scare arrrad triiitk users into naviigjsdtmgg 
to maliinduss websites that captures perannrtel and fimaaTotatl infonrrredtoon. 


If ytmju tfteitaee your home computer may be infested wifHn Conffiitter, therrtess an 
easy way to find out. Confidter blradte arassss to wettrates that conteim softeaee 
that may interfere, blank, or remsvsre its insttstltoibon. Open your inteimtet browser 
at home and try to visit the follbnwmgg webates: www.jTTiiaroQSxflfbanirim . 
www.jmtefee.com or www.SArmgTtdec.com . If yarn are unaWte to readto these 
websites, your computer may be infected. Pllease clidk here to read OSCERT's 
infoirmtetnian on how to detetit \ renntiMee Conffidter from your home computer. 

CanMtowtirixg Sources: USCEKT,, CNet, Washington Post 

Mahoiouis Email (Spam) 

Spam accounttsf for over 97% of alll emaiil, and is still a maiim delivery/ vehiiitte for 
maliraoDuss coddess who propagate theiir maliwaree, botmtets, and viiruitoss over the 
intairreit. While there have been sutxetefiil shutatbwms of spanrn sendrrcg 
compsairiess dStdQBtdts'sclotaseren in Nov.. 200$ resulted in a 60-Z?U,% reduPtoin in 
malraoDuss maill and botoett deliwaiyy in the US duiriritg Nov., and Dec, 20(5®)), theite 
are othenss that have steppst] in and already inasssed spam deliwsiyy rates 
above preelVMe6 hri deletel s. 

• Fake Confidter Irnffesttbom Aletrtte 

Scarraweree email campsscgTss are cirafelriigg that try to scar® the reciptedt 
into accept rngg fall® antMross softeffBe by sayirrog the redpenli’te's computer is 
infested with Confirdter. If infested, the computer wild attempt to downrltead 
the Waledta botnett and spread the virus to other computess. 

• Stiiimuliiss Package Offer® 

Malidteuas emaiil is cirrafetriigg with the IRS log® and piduress of Presisfertt 
Obama that adveuttsee avaiifetttte stimullus pactape money for cash strutted 
IndiwicbUatts. These emaiite requusstt peratrra&l, crediitt card,, saitd other fiur®irc<te£l 
intomrteibon to veriif^y that the redpfflrtt is quallffedd for stimulUss fumrfe. 

• Tax Retunim SolicStfeafejon 

Fake tax return emaiite are being; sent that offer "cateln now"' in exctetpe for 
the recipient's tax return}, or chatrgpss for serviote to expeutltfee a tax return). 
These ©rrtelSs are desiipreati to colfedt your Sociall Security numtot, date of 
blrtth, moUttfeds maifiten name, crediitt card infouirTEdtoan and the PIN for your 
ATM card. Tip: The VfcS netfeir initiates co/mterft with taxpaj^errs via e- 
ms*1\ifithas to do with yaxur accmmrtL or private infocm&iMm. 

Be very suspiacoiss of any emaiite you reosfee frewn strands?, eornttaitei?, Sf 
gevtmmwrtt agenrate that requestt persanrte.1, fiitteroratl, or crediitt card informtatoon, 
If yen r@e©w®£am email that direttes you to a website reqnu®&tmgg you to dewtfltead 
er update a program, do not accept the offer and close the wefe> brewg^r 
wif/tow. ( Sllfabk here for instnuctiiDOBS on how to report: any msllctoms \ sp#iw §m@iil 
you have naaawedd at work to your IT security/ staff or JSOC, 

CenMtutmg Sources; SecuntyFocus, Security/ter*, CNet ZONet MSN 

This document it intended fen DOJ rmployeet and cowmuatots . and is not to be distributed outside the Department- 
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What is tttne JSOE 
NewsItetteT? 


The JusBobs Secunttyy O pent boas 
Center News Yanir Can Use 
News^eCtor keefp® our reauteas up 
to date on the latest taflaite, secuirityy 
vUhris^iibiitMtes, and computer user 
tips to help protest againtet cyterr 
tlwssafes on the Internet. 

These ttliteafes affedt you everyday in 
eviFyy/vay - at the oAReb?, at homte, 
and in betswaasam. This is infarmaiibon 
you riBstl to know/,, written in tenrnss 
you can undetefeandd. 

If you have any issuiB®, subjjaxtEs, or 
ideas youu woUbtl like to see 
addiresESEtf in fuituree newdytoEss, 
pleas® emaiil Curtiss Johirissim at 


JSOCS NEW WraRMtK ONLTifE 

JSOC’s new webfliagpe on DOJINet 
conterresaflllitte cyber security alette; 
cyber britefiiiggs, user awarteresss 
papery, and newalbJtts/s. Please 
click heir® to visit JSOC's webfjc^e. 


t MaliincateBBnteiBSbtiiiittdlal 


Infonwatiban 


t VutrteteilHtv/itbetds 
% CvberIfflrrBsaMftldissbegs 


i News Yam32an Use Newsletter 


Releases 5 Critical Updates 
on April 14. 2009 


(Mioraiesrif)t) 


Turn Off Your Gamirirtg Conscdte. 

A garni h® consdte that is left on 
twsmt^y four hours a day, seven dasssaa 
week, willluseeaas miuntln electnroiliyy 
annatel/y as twm new reftrigpratorsrs. 
(Graffin liwrrtg Tips)) 


JSCrC /DOJCCIBRfl 202-3WT-$333 
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Security Awawearosss Tips 


Soc/vafl Neitwray^i^c^e/bsiftesarMflJtoto Boards 

_ There corrtrmtss to be a surge in malteree, viiruiaass, and botmtes 

diteflfedd tow@rd and resolJrrag on sodiall netmtetagg and jjoih boairab 
weteatfess. Mai ideal® codtens have tuurrastl their atteirttriron to tteaee 
webstfees ( See USAJobs AdviistiHTOs/ ') became of the wealtth of 
infemmatoan availfeftMe, and the relatttwee ease at whiKttn merntteiss seeirnn 
willlrrtg to share it. 

If yew are @ memHrer of a social net»to*kh^ or job boairat webatee, champs your 
passwwrcd todays, and change it often. Use a passwendt that is at least ’8 
charaottes Ion® wiith a comtiarreflitjan of upper and lower case letttesg, nurmtoeras, 
.and speciall charactbrss. 

NdmrnuE Web Sites EnapttLocal Files 

A rush of new fate antiiwraiss websitess are being desiipnred to emuul&te autttrarttec 
sites due to the suoce^ they have had at tribdfeirrag visiitoss into downrltaettitiigg theiir 
malliijidms contentt. Some of these weitratfees contfeam "scarewrana?" programs that 
atteimtptt to scare the visitor into instsdlilhgg theiir mahraiae or vinos. These 
websiitfeas are nomraliyy idenfffedd by warnimg messagss or pop-upss that telll the 
visitorr a softwEffBe upgiraotte is needeti or sometttinhgg bad is happaartihgg to the 
visitors computer, and offers theiir softwraes as the solufam. UnfortUrrate^Jy this 
actirnnn resuilte in instolilhgg the malwanee or vitrms the visitorr was try/mgg to avdbtl. 

A few scarevEoee sites have intm»dunned a new features into theiir matoorere - 
encryptbian. This new versiam atteirptfes to encrypstt and scramttifee fifes 
inside the visitbrtgs "my documents" folder when installbdd Once the 
encryjjtttaxiri piroe^ is complete, the visitor must purataee an encr^pttaun key 
from the malicriamssMe to access their filles. 

If you visit a website you thiimtk is mailmans?, please report; it to your IT security 
staff as soon as possible. 

Cfflrttf44>titi^c$o&max W.a ^AfasjS import Post 

Computer User Tips _ 

WefeBttePassHMBifldB 

Two-tttiiidds of computer usetrs use one or two passwarttts to access all theiir 
websitess. If you are erree of these user®, chbo not allow your web browser to 
automattbtoliyy save your passwords. This pradtbee allow® anytsnrae wifttn physical or 
remote access to your computer, access to your web site accountfes. If your 
browser supports an encryplfeeld master password, your saved passwwrc&s may be 
more secure, but there are programs desipretl to break: this encryqatriian. 

Cmrtritottti^^i&imEceNy Wrmes 

SecnonsYour IMwnfteffiRouferaltHamie 

When instoliiiigg a witotess netwctek at home please take the proper step® to 
ensure it is secure. ILuraWdm the mamutel for how to change the witetess ID (alls® 
known as the SSID)) to sometttiiirgg umiigiBe. Turrm on the Wi-ffii Protest Access 
(WPA or WPA2J for autttnsTtteaStion, enatoJte Temporal Key IrtltegHiyy PirotessU 
(TKWP)) for encrypltanp, and use Media Access Contratl (MAC)) addtess filtomag. An 
unseounastl wiiutetess netwontk allow® other computer users to use your bandwibtthh 
for free, andd possiteijy use it for illegal actiwitiaes. If the pdiiee come looMmg, a 
persottn witttn an unseairedd networtk would have a d iff milt t timre prowtrigg the 
activity/ didn't come from one of theiir computes. 

ContirikMtrm$ Source: SAWS 

This docwm&rtt is intended$»r DOJ erngdo^ses (antic exnuna tifirrMi ad is is not to fbedOffliibuted outside ditelSlffiOrUU OP.t- 
Questions regmtiitfgtitikiffldlkeimatrieicfiiestssffotpfeeTtmsiion to r&tiiatntiwteskiwldd)b1§> 
JSOC7-UWMKBKRT 2O2-307-5M2 


What is the JSOtE 


The Just ere Security/ OpetrStomss 
Center News You Can Use 
Nemsfbttterkeeps our reads® up 
to date on the latest tapd®, security/ 
vultireatoStiiiees, and computer user 
tit® to helfos protest agaiilm&t cyber 
threats on the [nteirtet. 

These tthresats affert ycuu everyday in 
every/ way - at the offibre, at honre, 
and in betwasm. Thiis is infdnmtekion 
you rated to know/, written in tettm® 
you can undetisiteiald. 

If you have any sultijpHtfe, 0 r ideas 
yoiu would like to see adfcitessseld in 
futuree newsletters, pleas® ernaill 
Cunts Johirrsim at 


Fake Waltettecc Coupunn Weibsittes 

CoupranriEter.conm, a legittinatee site 
used to optfirrrnee and gatHrer 
coupmss, is the latest tairgtet of the 
Waledax vinuss. Fake CouporaizBir 
wetostfess are now onlfnres that utilise 
IIP geol bare toon dattataasss to locate 
wetbsitte viisitt0ss. TtliiEB soliuttdun is new 
for Walleater welbatbss, and allows 
codenss to furrtttearr trititk the visitor by 
offeirrigg natimtel and local! coupans 
based on the visitors locatfiixm. 

The WaHeotea: viiituss, whiiitb infertte 
computer systems to collteElt email I 
addn^rass, is ddiuaeeldaasaBn emaill 
or Ecand that diirgaatfes the redfptelit to 
a faBre wettratte that instetes the vim® 
whem clWteab by the visitor. 


(JSOC) 

■ Arnnttret ana 
Vulramrtctaitit 
(JSOCJ 


Publicc Trarm^prrtSSit)on 

A penssnn ridrTjg public toarTqtetdtbirain 
can achieve aim averages anirutel 
savings of $8,4ffilt, based on today’s 
gasfpwees and avetiagpe parking costs.. 
(APTA) 














Security/ Awansmsss Tt 


CytarrCrume in 24MDBB 

Data captmree, passwffirttts,aflndd account nunites will! conffirm®e to be the target of 
mallbiams coders in 200®. White the Departmtaht of Justins is utiilEzifigg all 
resffljircess to protectt its users against these risks, home users are expected to 
encounter a draimreata: increase im fate email and mallicimuiffi weitrattes. Imdtetyy 
also predates moblte cell phone netMrtte are the next target due to the 
advancBSS, popullaiityy, and the variety of ways smart phonrasafflee beiimg used. 

• Date Ca^aftnnee Malidbaits aoddessaare constantly modffyihgg the schemes they 
use to gather infotrimdtoan from unsiuq?B 2 ittiiigg users. Be careffiil whetm opening; 
emiaill attartlrmee-rtSs, accepttngg free offeis, and surffhgg the interred:. There is 
someamre out there trying; to colltett your infdtrrrraaitoan. 

• Snsantt Phones: Voice and toiurdtittnnee phi^trirrgg (nrmmtln like email and web 
phishing}), mataane, and cellMtor botmtete are predoteeld to become a serinaus 
threat to the mottalte netwntk in 2009.. Malidbais esntte is toeing written to take 
advamtege of the growing; tireirati in motoilte interacttwti/y wiltHn compairiess that 
reqiuinse sociall security nuirnitess, account nuimrtteBS, and passwsrdds to verify 
identStyy. High valluie targefes willl also indluidte indiwiddiaWs that interaatt with 
finaroiail instittn tones to trarmter fuirofe and stodts thiroaigjh molbilte devices. 

C o/rffrr iiwlti 9 c$> iStmi rc e E m erg n§gC Cy b e?nTlvr &a €s‘ /Re p a MfQ, G eottg ia r <Te*c Re info ntaat i 6 tv iS 6 frCitipfeErr 

Social NeteomMon^lisks 

Social netwenHiingg is often used to firrati old fritetfe, create new firitentts, and 
netwenfk with peopite of comimronm interest. This free exdtiwrgps of infornrrtatocin 
estattdlsttessadalfateseraese of security/ as the user thirirtte only "friematfe'" are view nag 
their posted) informtetoon. Malidbuss oDddess explloitt thiis vulner^hiiliyry by invittfngg 
contort 6s within the netwrcmfk to click cm theiir page. Once dieted, the emteectttteti 
code infedte the visiirrcg usetts computer and direettes it to collleht persatel 
informtebbon from the user;, the usehfe frierttts, and usehfc groups on the netswotek. 

Fake AnbmrwsSofibMea-eeUfMtetesMfraaikHaiMixc across the rnterntet 

Mlalidimuiffi softasBe disguiited ass a legitimate Antwifoas Update is tiftij&rigg users 
into dowhtattilmgg and instaHiiiigg its Trojjan virus. Recently, then® has beem a 
sigmiiffiteit inoraasasim Fortes AntiWiross (AV)) Trojjan Horse softsweate that is utilizing; 
sociall engiimfflga-rrhigg priimuiRMes to fodl unsiugp®Jttmgg users into compromte&igg theiir 
own mactirress. Do not upgraofe your antwiross softwtoee thrcsugbh hypetlmftks 
offensHd by unknown website or pop iufls wiirrotovss. These softswtete update are 
automtebbaiWy prorated by the DOJ IT seraose prwiettess at work. If yoiur belitete 
your antwiross softwaree at home needs an update, open the pro^rsam from your 
desktop and seledt the button or link prorated to perfonrm a mantel or live 
update. (IBKHT White Paper) 


Comi 


User Ti* 


A Thick for Renmmfi«hiigcJ.ong Passwonte 

When creatngg a passwatreb, users shoiultti avoiiH comirnttsm woirato/ proper nanr^, 
and randomtly generated passwrarebs such as u GrTlkE®IW66$V', whiijtn woylbt be 
imps^Wee to rememtter. Try using a phrase that is famiiltor and easy to 
ftmeiffiteffr (exampite: "IBowIteWPase®’!/:). Thiis password meete the Depaitnrtett'fe's 
11 ehif^tter passwardj requineurroetUs by using mflpsicaaeeaadd lowatmee letter, 

numtesnss, and syrmtudts. 

Contributing Source: SANS 


What is the JSCXC 
NetoftitetteT? 


The Justiiffi Security Opeiraatenss 
Center News You Can Use 
New^tetterkeqps our reaedtess up 
to date on the latest tupidss, security/ 
vulhnw^rSlrliites, and computer user 
tips to help proteitt agairtet cyter 
thratats on the Iititertet. 

These thnasats affept yoiu evenyettyy in 
every way - at the offlidB;, at home, 
and in betweein. Thiis is infbnrrraaibon 
yoiui need to kmww, whiten in termK 
yoiiu can undteteteidd. 

If ymu have any issues, subjpatts, or 
ideas youu woiuldJ like to see 
addrassBBEtl in futiree new^tetters, 
please email Curtte Johmsim at 


Cyber Threat T«p> 


Fake Greettngg Card) emaiite are 
dishrittutteld to caplwee date and 
email addtessses. 

Intemntet scanrr®, charily firauut), fake 
wetetess,asidd unsdlcdidd e-irrall will 
interreiily arraimd the Valemttmae 
holiday. ExeraiaBe cauttcnm whem 
visttingg new welhstess or opemihffl 
emaill offeriiigg free itemres, gife, e- 
cardte. 

Malwanae writtess and spararmtess are 
desi®Trihgg inoesEsiirg^y corwiin®migg 
emaill and fake wefcatfess to fodl 
visittoss into accepttrigg theiir viimiiBss. 


(US-EBRT)) 


Green Tip of the Month 


Donate or Recyste OM Cell Phontes 

Cell phone upgnacbfess cause consuimtess 
to ttmavw away over 130 ) miilldnm 
working celll phom^eashh year. 


This doemmant is inSttmlidd four DOJ emgibg&Ms and 
contrmttam. and is nut to be dis&nihttftfd oM&iike 
the Depcantmmt, 

QuesttuartsnaggaitiiUgglthiiiBUiiiilin or requestsjftB/r 
pxanmtmtfm to redfcftfriihutie ^haiUtdhedJtEeDidciao 

JSOODOJOHKTT 202-»73S$22 
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Security Awanamsss Tips 


MaAwsreeTargefts USB and RemoocraCUteMeoAra 

Iim recent mewittei, JSOC has idenittffedd a significant t rise in the nurmtor of 
dartggtf®US5 maltwea-ee dowhltsates tairgtetiiiigg renrmwteMe media deviates. Thiis rise 
has ts@©n attrtfctoiteeld to malicdtaiss coders writing; matateee fbaiarati on infenttiiigg 
USB amdl rtnmswtftfttoe media storage devices to spread! the viras qurckiy. 

Thumtb dnkxe^, exteirrail hard driwte}, CD/IIMI&FRyvy, and flasHn media (digjtbil 
camena'4fl»bQed)5) are targeted because they are portable, and eaasljy exctarrjp 
infssimrreataxPin betassm compuittess. Wheim infested deviates are conimsiteld to a 
compwlter they attenmpjt to install Trqpjn softuwsarBe that rums in the backpauindd 
unnoticed by the user. 

Steps you can take to help protest your home pc:: 

• Disalbte Auto-flluo. life important to disatoite Auto-fRim as this features allkmws 
remoxxsEttefee mediffl to autattnreatoaiiyy start or install I any softwares progiramnrreeld 
to rum whew the device is inserttefcl into a computer. Thiis allboves the Tropn 
to spread thirnaji^todt your computter and conimKdteld deviates. WfeKHse ame the 
help instwicttomBs on your home computer to disatoite AufcofRimn, 

• Hmstfedll Firewall I and Antiwifuss Softwaree. Windbwss XP and VISTIM come 
witHn a fiiira/wflll that protests against most intnusioDiBS, please make sure it"ss 
enaWteti aandd updated on a weekly basis. Norton and IMamWte?, atom® witHn 
many othss, also offer "off the shelf" choices for both fiirewtelll and antwciross 
proteStexnn soluttcaros. 

• Create a User Levell Login fwit/tnmrttadm/imisflrrattwflsprivilegesj,, and use it 
as your maim logiim aoncmmitit. This helps rediume your risk of infedtorop, and 
denies fulll admiinrisitatitiee access to your computter in the event your logim 
crederrtta&s are compnooniBeeld. An Admwrt tet r a d fare d_ogin should newsrbe 
used when conuexftmgto the fntoi rra dt. 

Computter user Tips 


Avoid NaiicuusCode anriSoUbMEBee 

Cunremtt web tedtmrodtagy makes it possiteite to emtorati addittorafcl code insiide a 
priimnarrsy wetopagpe. Hackeiss are ablle to miisuitee thiis tedtmroddigg’y to canty out 
mallicious actMtees, such as redirectingg the useiffe web browrasr to wetoatfees that 
secret!Jy dowrmload intuuiawe softiwaree. A numtoer of populter wetostbss have been 
imparted by these atttatte because the code iis soptofetriatedd and hidoten from 
plaiirm view. 

Steps yymuoEBnn take to help protest your home pc:: 

• Upgrade to Microsrfftgs Dw temte t Explorer 7.0 (IE 7)1 IE7 indliudtes many 
user fritenotljy enhanraBUTtBrnites and new security/ featoess that help protectt 
againstt maltateBs intnusidxnBS. 

• Regularity Update Com puttees and AppKbstttbaBS. Ensure Microsoft 
Update iis schediiiteti to check weekly for prcKdiuctt updates. ApplicatonBS that 
do not autorraJkiatiiiy perfatirm weekly updates shotuittl toe updated maimtetyy. 

• tntmpitaojiGe Your PasswsnoH Security. IimmaE^e your password length to a 
minimum of 12 chairacttess that inductee upper and lower case lettess, and at 
least one numtoer and spedall character. A longer password prcwibttes 
signiiffoCTrrhl^ly higher protecttram from unaiuitttoraedd access.. 

“This doerunemr iii inhcmtlaUfur DOJ employees and mnUmUW.ts, and iv not to he d/ilnltu/rd outside the Beyumment,** 
Qmsthtmsneegmdihsglthis nesesimter. or reqfiulsv\'Jtr>irffBnmissionn lit redts shouldhedihootwd tor 

•ISOfC/tWOHdERT 202-307-5M2 


Visit Our We 


What is the JSOC 


The Justice Security/ OpeitPSmss 
Center News You Can Use 
Newest bftterkessi our readess up 
to date on the latest tnpbss, secuirrtyy 
vuHiWEMHibes, and computer user 
tips to help protteut therm agaihredt 
cybetr thrtefes on the Imtteirralt. 

These thntefes can affedt y«aui 
eveiyitey in every way - at the 
offfree, at home, and in betw®ari. 
This is inferm^ibon yotui need to 
know, in terms your can unrfensStadd. 

If yoim have any issues, sutUjjealfes, or 
ideas ycur wouibti like to see 
addrassEtl in fuJuiree newsltettess, 
plea^ email Curts Johnson at 


FaeettasHtgs users are targpafedd 
by a virus named "Krxsttffetet!.". 

This virus spresBotts wite a note fmnm a 
frifflTCd that might say,, "Vtei'he really 
funny in this videos." If cliidtetj, the 
link coniriBBlfcs to a website whibtln 
aste sf®ui to dcwunriiliMld an updiate to 
yoor Adoto Systems Flash player. 
This link wiill attempt to install the 
KodWfetBBann your compjter. 

Koototese modffess user prnffltes to 
redinsaatt theitr visitors to malicious 
weifestfess.. 


(US-CERTI)) 

Obaraia. McCain 
Lessoim in Cyber Secuiritt 

(Secuiirrtyy Focus)) 


Recyolte Your FluonrasiBntt Butts 

The Mercmn^y framn one fltarBSEBHtit 
bullto can pollllute 6,WSS gallltans of 
water beyiimtl safe drirrktrrgg levdte. 








